in reply to Hidden Secrets of PERL

Not a real hidden secret, and mentioned on this site before: (however i use it, since it's save for my examle): the x operator.
have a look at the following example:
my $sql = join(",", @allsearchterms); my $sth = $dbh->prepare("select * from table where value in($sql)"); # You need to place qutes arount the sql-items, but you'll get the poi +nt here... $sth->execute();
As you know, this isn't safe (sql Piggybacking)
Now concider the next code example:
my $qm = join ',', ('?') x @allsearchterms; my $sth = $dbh->prepare("select * from table where value in($qm)"); $sth->execute(@allsearchterms);
As you see, a neat feature of Perl :)

code adjusted as suggested by Hue-Bond

"We all agree on the necessity of compromise. We just can't agree on when it's necessary to compromise." - Larry Wall.

Replies are listed 'Best First'.
Re^2: Hidden Secrets of PERL
by Hue-Bond (Priest) on Oct 12, 2006 at 10:24 UTC
    My $qm = '?,'x scalar(@allsearchterms);

    The argument at the right of x is in scalar context, so no need to call scalar. Besides it, you can use join to get rid of the chop:

    my $qm = join ',', ('?') x @allsearchterms;

    David Serrano