Re: Efficient select/insert
- From: mlists@xxxxxxxxxxxxxxx (JupiterHost.Net)
- Date: Tue, 26 Apr 2005 15:35:27 -0500
$dbh->do("INSERT INTO t (col1, ...) SELECT col1, ... FROM t2 WHERE x = '$element'");
Oi SQL injection warning! Red lights and sirens - don't do that!!
'$element' is suuuuupper dangerouse, evil evil evil
either $dbh->quote it or use ? in your prepare/execute dance:
$dbh->do( 'INSERT INTO t (col1,col2) SELECT col1,col2 FROM t2 WHERE x = ' . $dbh->quote($element) );
Lee.M .
- References:
- Efficient select/insert
- From: Jonathan Mangin
- Re: Efficient select/insert
- From: Philip M. Gollucci
- Efficient select/insert
- Prev by Date: RE: Efficient select/insert
- Next by Date: Re: Efficient select/insert
- Previous by thread: Re: Efficient select/insert
- Next by thread: Re: Efficient select/insert
- Index(es):
