Re: cgi.pm; DBI, filtering input?
- From: xhoster@xxxxxxxxx
- Date: 09 Dec 2005 18:04:39 GMT
"robert.waters" <robert.waters@xxxxxxxxx> wrote:
> Hi,
> I've decided to use HTML::Entities to do the tag encoding.
> I have another question though:
> How would I use DBI placeholders in the case of a multiple insert?
> I've got a field that takes a comma-delimited list with no limit on
> quantity.
> For instance, how would I convert this example to use placeholders?:
> $contentid=0;
> $sql = "INSERT INTO keyword (name, contentid) VALUES (";
> for (my $i=0; $i<@keywords; $i++) {
>
> $keywords[$i] = "(qw[$keywords[$i]],$contentid)";
I don't think that that is doing what you think it is doing. The qw
is not an operator, just the letters q and w.
>
> }
> $sql .= join(',', @keywords).")";
> # results in '...VALUES (("a",0),("b",0))' etc..
Even if that is what the results are, I don't think that that is correct
syntax for mysql. You shouldn't have the outer parentheses.
Anyway, SQL text strings can be created on the fly with placeholders, just
like they can be created on the fly with data (only easier).
join ",", map "(?,?)", @keywords;
But I wouldn't bother. Just roll a loop with an execute inside it. Only
if/when that proves to be too slow would I consider trying to cram it all
into one SQL statement.
Xho
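
Both approaches from the reply above (a prepared statement executed in a loop, and a single multi-row INSERT built from generated "(?,?)" groups), as an added example that is not part of the original post. It assumes an in-memory SQLite database via DBD::SQLite as a stand-in for the MySQL database in the thread, and the input field is constructed sample data.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: in-memory SQLite (DBD::SQLite) stands in for the MySQL database
# in the thread so the script runs offline; the DBI calls are the same.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, AutoCommit => 1 });
$dbh->do('CREATE TABLE keyword (name TEXT, contentid INTEGER)');

# Constructed sample input: a comma-delimited form field whose items contain
# quote characters that would break a string-concatenated statement.
my $field     = q{perl, dbi, O'Reilly, say "hi", };
my $contentid = 0;

# Split on commas, trim whitespace, drop empty items (needs Perl 5.14+ for /r).
my @keywords = grep { length } map { s/^\s+|\s+$//gr } split /,/, $field;

# Option 1: prepare once, execute in a loop, all inside one transaction so a
# failure part-way through leaves no partial set of keywords behind.
my $sth = $dbh->prepare('INSERT INTO keyword (name, contentid) VALUES (?, ?)');
$dbh->begin_work;
eval {
    $sth->execute($_, $contentid) for @keywords;
    $dbh->commit;
    1;
} or do {
    my $err = $@;
    $dbh->rollback;
    die "insert failed: $err";
};

# Option 2: one multi-row statement. Only the "(?,?)" groups are generated,
# from the keyword count; the values themselves are still bind parameters.
if (@keywords) {
    my $groups = join ',', map { '(?,?)' } @keywords;
    my $sql    = "INSERT INTO keyword (name, contentid) VALUES $groups";
    $dbh->do($sql, undef, map { ($_, $contentid + 1) } @keywords);
}

# Each keyword is stored verbatim, quotes included, once per option.
my $rows = $dbh->selectall_arrayref(
    'SELECT contentid, name FROM keyword ORDER BY contentid, name');
printf "%d\t%s\n", @$_ for @$rows;
```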