From: "Pat Rice" <[EMAIL PROTECTED]>
> Hi all
> I'm trying to get the following working
> what I want to do is to click on the link and it would order the
> table, through the SQL query.
>
> I think the problem is that when I click on on the link to ORDER BY it
> fails, that is it does not change the order of the table. I wondering
> does anyone know how I can confirm that the ? is correct, as in what
> is being passed to the query. but I'm prety sure that I am passing the
> correct arguments to the SQL query,
> i.e.
> my $sth = $dbh->prepare('SELECT * FROM test1 ORDER BY ?');
>
> Thanks in advance
> Pat
Most databases would not let you prepare a statement like this. Most
often only values may be replaced by placeholders, not column names.
For a good reason actually, the prepare should give the database
enough information to generate an execution plan ... the database
needs to know how it is going to evaluate the query, what indexes it
will use etc. And the ordering may very well affect this (it should,
you do create indexes for your tables, right?).
If this works somewhere I bet the placeholders are actually
implemented within the Perl layer instead of passing the prepared
statement to the database, obtaining a handle and then sending just
the handle and the values.
So in this particular case you have to stop using placeholders. You
SHOULD make sure the $sortby is always only one of the allowed
strings, nothing else!
Jenda
===== [EMAIL PROTECTED] === http://Jenda.Krynicky.cz =====
When it comes to wine, women and song, wizards are allowed
to get drunk and croon as much as they like.
-- Terry Pratchett in Sourcery
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
