[EMAIL PROTECTED] wrote:
> On Jun 25, 3:19 pm, [EMAIL PROTECTED] (Ricky Zhou) wrote:
>> Greg Jetter wrote:
>>> my $query = "insert into  tablename
>>> (atablenaem1,atablename2,atablename3)VALUES($SubjPerform,$somthing2,
>>> $somthing3);
>>> # insert  stuff in the db
>>> $dbh->do($query) or die "$DBI::errstr";
>> To prevent SQL injection, etc.  It's strongly recommended that you use
>> placeholders, which will automatically escape user-provided input for you.
>>
>> my $query = "insert into tablename (atablenaem1,atablename2,atablename3)
>> values (? ,?, ?)";
>> $dbh->do($query, $SubjPerform, $somthing2, $somthing3) or die
>> "$DBI::errstr";
>>
>> Seehttp://search.cpan.org/~timb/DBI-1.57/DBI.pm#Placeholders_and_Bind_Va...
>> for details.
>>
>> Hope this helps,
>> Ricky
>>
>>  signature.asc
>> 1KDownload
> 
> Okay, I see where I totally missed the point of your code....I see
> that I have to put the column name after the table name in
> parentheses.  So, here's the code I'm using to just place SynRegime
> values into the column SynRegime in the table named test...still
> getting some errors...I've added some quotes, and here's the error I
> get now...with the following code:
> Column count doesn't match value count at row 1 at C:\perl-scripts
> \mysqlcgi.cgi line 37.
> I didn't think the column count should match the value count since I'm
> only inserting one these five enum values into one column when the
> user submits.  Thanks again for any advice.  I'll continue to work on
> this...
> Shad
> 
> 
> #!/perl/bin/perl -w
> use CGI qw(:standard);
> use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
> use Fcntl qw(:flock :seek);
> use strict;
> use DBI;
> 
> my $DATABASE ="test";
> my $USERNAME = "root";
> my $PASSWORD ="bamboo";
> my $HOSTNAME = "localhost";
> my $data_Source = "DBI:mysql:".$DATABASE .":".$HOSTNAME;
> 
> 
> print header;
> print start_html("Gradients");
> 
> my $q=new CGI;
> 
> 
> 
> my $RI = $q->param("RI");
> my $ET = $q->param("ET");
> my $AT = $q->param("AT");
> my $CUT = $q->param("CUT");
> my $FLT = $q->param("FLT");
> 
> my $dbh = DBI->connect($data_Source,$USERNAME,$PASSWORD) or  die
> "$DBI::errstr";
> 
> 
> my $query = "insert into regimetest(SynRegime) VALUES('?', '?', '?',
> '?', '?')";

First, if you are inserting into only one column, you need only one
placeholder.  Second, you do not need quotes around placeholders.  DBI
will take care of the quoting for you.

> 
> #$dbh->do($query) or die "$DBI::errstr";
> 
> $dbh->do($query, $RI, $ET, $AT, $CUT, $FLT) or die "$DBI::errstr";

You can't use a "do" method with bind parameters.  You will need to do a
prepare followed by an execute.

It looks like you might benefit from a more thorough reading of the DBI
documentation.  If I were you, I would work through the examples given
in those docs quite carefully.  I know the document is quite long and
fairly tedious in places, but the first part reads like a tutorial.

Sean


> print end_html;
> 
> #sub dienice  {
> # my($errmsg) = @_;
> # print "<h2>Error</h2>\n";
> # print "<p>$errmsg</p>\n";
> # print end_html;
> # exit;
> #}
> 
> 

-- 
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/


Reply via email to