----- Original Message -----
From: "Andrei Boros" <andrix@stripped>
Sent: Monday, January 24, 2000 3:47 AM
Subject: MySQL and Perl syntax
> I've made some perl scripts to interface mysql with a http server for a
> personal application. After debugging most of the errors, one user told me
> the following:
> If he/she entered the " ' " character in a field sent to a char/text
> he/she got back a query syntax error like this :
> Can't execute query : insert into db1.configurations
> values('arg3wr','8088','256 bytes','fdd 360 kb','sis 1000 256
> KB','ttf14'','e62g7e','iug8','08y','de unde???','nici atat
> Reason: You have an error in your SQL syntax near
> 'e62g7e','iug8','08y','de undeNULLNULLNULL','nici atat ','','','1','')'
> at line 1
> Also, these three "???" generated a "NULLNULLNULL". How can I go around
> special characters?
> E-mail: mailto:andrix@stripped: 0009rs.tripod.com/andrei_b
Using $dbh->quote() should cure both of these problems. The misquoting
happens before the ???, so I think perhaps DBI thought you were trying to
use placeholders .. but you didn't pass anything in your $sth->execute(),
and therefore ? = NULL.
perldoc DBI ... can explain more.
Also quoters beware, when using $dbh->quote("hello_world%") with SELECT and
LIKE, by default -- the underscore and percent signs are left untouched.