When using the DBI it is best to either let the database handle quote
the strings or use placeholders:
database handle quoting:
my $update = "UPDATE tab SET foo = " . $dbh->quote($foo_val) .
" WHERE bar = " . $dbh->quote($bar_val);
$dbh->do($update);
place holders:
my $sth = $dbh->prepare("UPDATE tab SET foo = ? WHERE bar = ?");
$sth->execute($foo_val, $bar_val);
My preference is place holders because it alows you to create more
generic solutions.
On 2/4/06, Anish Kumar K. <[EMAIL PROTECTED]> wrote:
> Hi
>
> I am getting a strange error and I have no clue as how to fix this..
> I am getting values from select multiple tag from the FORM and trying to
> update the value in the table.
>
> Say the select tag is like this
>
> <select name="course" multiple>
> <option value="c">c</option>
> <option value="java">java</option>
> <option value="perl">perl</option>
> </select>
>
> And I selected "java" , "perl". then the select course will have the value as
> javaperl.
>
> when I did the update query I am getting the error as
>
> DBI returned -> ERROR: Unterminated quoted string
>
> Then I used the hardcoding in the query then it was working fine.. So i feel
> there is some hiddencharacter which is causing the issue. when I printed the
> length it was giving 1 more the actual length. I tried all possible ways
>
> like $course=~ s/\r//g; splitting up ...substring...
>
> I hardcorde the select value in $course and then tried then it worked fine..
>
> I am using postgres databse
>
> Query was
>
> $course I get from the select value
>
> update course_info set course='$course' where name='anish';
>
> Thanks
> Anish
>
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<http://learn.perl.org/> <http://learn.perl.org/first-response>
