David Birkbeck wrote:
> Can someone help me with creating a script to return certain information from a
>Postgres database to a drop down box on a webpage?
What fails ?
> #!/usr/bin/perl
>
use strict;
use warnings;
> use CGI;
> use DBI;
>
> #Define connection values
> $DBSource = 'dbi:Pg:dbname=mydb';
> $DBUsername = 'test';
> $DBAuth = 'test';
>
> #Open db connection
> $dbh = DBI->connect($DBSource,$DBUsername,$DBAuth) or die "Can't connect to SQL
>Database";
>
> #Prepare and execute SQL statement
> $sqlstatement="SELECT $value FROM $table WHERE username LIKE '[EMAIL PROTECTED]'";
^
That will try to interpolate.
(If you would have switched warning on, you would have got an
informative warning about it).
One way to avoid it is to escape this character (\@).
Another way (more secure and more elegant) is to use placeholders:
my $sql = "SELECT $value FROM $table WHERE username LIKE ?";
my $sth = $dbh->prepare($sql);
$sth->execute('[EMAIL PROTECTED]')
or die "Could not execute SQL statement ... maybe invalid?";
> $sth = $dbh->prepare($sqlstatement);
> $sth->execute ||
> die "Could not execute SQL statement ... maybe invalid?";
> ...
> ...
Greetings,
Janek
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
