Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: Updating my database...or not

by roboticus (Chancellor)
on Aug 02, 2007 at 22:54 UTC ( [id://630415]=note: print w/replies, xml ) Need Help??


in reply to Updating my database...or not

molly:

If the code hasn't changed, and the data input has, then I'd suspect that you've got a quote in your input data that's munging your SQL statement into something like:

insert into searchresult values ('foo', 'alphabet'soup', 'gourmand');delete users;')

Instead of building a string like:

insert into searchresult values ('a','b','c')

you should use placeholders and make your sql like:

insert into searchresult values (?, ?, ?)

Then instead of executing your SQL with:

$sth->execute()

you could use:

$sth->execute(@ParmList);

Of course, you'll have to change the code a little and build the @ParmList array. But it'll shield you from problems like you're getting.

...roboticus

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://630415]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chanting in the Monastery: (4)
As of 2024-07-16 09:04 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?
    erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.