[EMAIL PROTECTED] wrote:
> On Jun 25, 3:19 pm, [EMAIL PROTECTED] (Ricky Zhou) wrote:
>> Greg Jetter wrote:
>>> my $query = "insert into tablename
>>> (atablenaem1,atablename2,atablename3)VALUES($SubjPerform,$somthing2,
>>> $somthing3);
>>> # insert stuff in the db
>>> $dbh->do($query) or die "$DBI::errstr";
>> To prevent SQL injection, etc. It's strongly recommended that you use
>> placeholders, which will automatically escape user-provided input for you.
>>
>> my $query = "insert into tablename (atablenaem1,atablename2,atablename3)
>> values (? ,?, ?)";
>> $dbh->do($query, $SubjPerform, $somthing2, $somthing3) or die
>> "$DBI::errstr";
>>
>> See http://search.cpan.org/~timb/DBI-1.57/DBI.pm#Placeholders_and_Bind_Va...
>> for details.
>>
>> Hope this helps,
>> Ricky
>
> Okay, I see where I totally missed the point of your code....I see
> that I have to put the column name after the table name in
> parentheses. So, here's the code I'm using to just place SynRegime
> values into the column SynRegime in the table named test...still
> getting some errors...I've added some quotes, and here's the error I
> get now...with the following code:
> Column count doesn't match value count at row 1 at C:\perl-scripts
> \mysqlcgi.cgi line 37.
> I didn't think the column count should match the value count since I'm
> only inserting one of these five enum values into one column when the
> user submits. Thanks again for any advice. I'll continue to work on
> this...
> Shad
>
>
> #!/perl/bin/perl -w
> use CGI qw(:standard);
> use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
> use Fcntl qw(:flock :seek);
> use strict;
> use DBI;
>
> my $DATABASE ="test";
> my $USERNAME = "root";
> my $PASSWORD ="bamboo";
> my $HOSTNAME = "localhost";
> my $data_Source = "DBI:mysql:".$DATABASE .":".$HOSTNAME;
>
>
> print header;
> print start_html("Gradients");
>
> my $q=new CGI;
>
>
>
> my $RI = $q->param("RI");
> my $ET = $q->param("ET");
> my $AT = $q->param("AT");
> my $CUT = $q->param("CUT");
> my $FLT = $q->param("FLT");
>
> my $dbh = DBI->connect($data_Source,$USERNAME,$PASSWORD) or die
> "$DBI::errstr";
>
>
> my $query = "insert into regimetest(SynRegime) VALUES('?', '?', '?',
> '?', '?')";

First, if you are inserting into only one column, you need only one
placeholder. Second, you do not need quotes around placeholders. DBI
will take care of the quoting for you.

>
> #$dbh->do($query) or die "$DBI::errstr";
>
> $dbh->do($query, $RI, $ET, $AT, $CUT, $FLT) or die "$DBI::errstr";

You can't use a "do" method with bind parameters. You will need to do a
prepare followed by an execute.

It looks like you might benefit from a more thorough reading of the DBI
documentation. If I were you, I would work through the examples given in
those docs quite carefully. I know the document is quite long and fairly
tedious in places, but the first part reads like a tutorial.

Sean

> print end_html;
>
> #sub dienice {
> #    my($errmsg) = @_;
> #    print "<h2>Error</h2>\n";
> #    print "<p>$errmsg</p>\n";
> #    print end_html;
> #    exit;
> #}
>
>

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
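
Added example, not part of the original thread and not the DBI project's own code: the single-column insert discussed above, done with one unquoted placeholder through prepare and execute, plus what happens when the placeholder is quoted. It assumes DBD::SQLite is installed and uses an in-memory database in place of the thread's MySQL server; the allow-list and the insert_regime helper are hypothetical and stand in for the ENUM column, whose definition the thread does not show.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite with an in-memory database stands in for the
# thread's MySQL "test" database so the example runs without a server.
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
                       { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
$dbh->do("CREATE TABLE regimetest (SynRegime TEXT NOT NULL)");

# The five names from the thread, used as an allow-list in place of the
# MySQL ENUM column definition (which the thread does not show).
my %allowed = map { $_ => 1 } qw(RI ET AT CUT FLT);

# One column, so one placeholder; unquoted, because DBI binds the value.
my $sth = $dbh->prepare("INSERT INTO regimetest (SynRegime) VALUES (?)");

# Hypothetical helper: insert a submitted value only if it is allowed.
sub insert_regime {
    my ($value) = @_;
    return 0 unless defined $value && $allowed{$value};
    $sth->execute($value);
    return 1;
}

# Constructed sample input: one valid value, one injection-style string.
for my $input ("ET", "x'); DROP TABLE regimetest; --") {
    printf "%-35s %s\n", $input, insert_regime($input) ? "inserted" : "rejected";
}

# A quoted '?' is a string literal, not a placeholder: the statement has
# zero parameters, so supplying a bind value makes execute fail.
my $bad = $dbh->prepare("INSERT INTO regimetest (SynRegime) VALUES ('?')");
print "placeholders in quoted form: $bad->{NUM_OF_PARAMS}\n";
eval { $bad->execute("ET"); 1 } or print "execute failed: $@";

# DBI's do() signature is do($statement, \%attr, @bind_values), so bind
# values passed to do() follow an attribute argument (undef here).
$dbh->do("INSERT INTO regimetest (SynRegime) VALUES (?)", undef, "CUT");

print "rows: ", join(", ", map { $_->[0] }
    @{ $dbh->selectall_arrayref("SELECT SynRegime FROM regimetest") }), "\n";
```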