| From: | "filippo" <filippo2991(at)virgilio(dot)it> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | stored queries and quoted strings |
| Date: | 2007-03-30 07:31:18 |
| Message-ID: | 1175239878.580307.28090@o5g2000hsb.googlegroups.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello,
I have a strange problem with stored queries like this
$sql = qq/
SELECT city, country
FROM countries
WHERE city LIKE ?
ORDER BY city
/;
$sthCity= $dbh->prepare($sql);
my $tempCity = $dbh->quote("n%");
$sthCity->execute($tempCity);
my $result = $sthCity->fetchall_arrayref;
the query doesn't return any value. It works only if I remove the -
>quote(). The following code actually works retuning all cities with
their name n-something
my $tempCity = "n%";
$sthCity->execute($tempCity);
my $result = $sthCity->fetchall_arrayref;
bu I'm a little bit worried to use a a WHERE statement without quoting
the search pattern (input by user). Is it a problem or not?
Thanks,
Filippo
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Richard Huxton | 2007-03-30 07:32:51 | Re: Postgres 8.2.3 or 8.1.8? |
| Previous Message | Richard Huxton | 2007-03-30 07:30:29 | Re: coalesce for null AND empty strings |