Re: escape single quote in INSERT command

Dan Langille <dan@langille.org>

From: "Dan Langille" <dan@langille.org>
To: dave_h4@yahoo.com
Cc: <pgsql-sql@postgresql.org>
Date: 2002-11-26T18:47:20Z
Lists: pgsql-sql
On 27 Nov 2002 at 0:01, mallah@trade-india.com wrote:

> > Hi Group -
> >
> > I have a perl application for a registration form.
> 
> Same Here,
> 
> Why dont' you use prepare and execute  in case you are using DBI
> same program is like this.
> 
> $dbh = DBI -> connect ( "......");
> $sth = $dbh -> prepare("insert into tab (a,b) values (?,?)");
> $sth -> execute($a , $b );
> $sth -> finish();
> $dbh -> commit();
> $dbh -> disconnect();

IIRC, there is a dbi->quote() function as well.  That should properly 
escape anything.
-- 
Dan Langille : http://www.langille.org/