Re: escape single quote in INSERT command
Dan Langille <dan@langille.org>
From: "Dan Langille" <dan@langille.org>
To: dave_h4@yahoo.com
Cc: <pgsql-sql@postgresql.org>
Date: 2002-11-26T18:47:20Z
Lists: pgsql-sql
On 27 Nov 2002 at 0:01, mallah@trade-india.com wrote:
> > Hi Group -
> >
> > I have a perl application for a registration form.
>
> Same Here,
>
> Why dont' you use prepare and execute in case you are using DBI
> same program is like this.
>
> $dbh = DBI -> connect ( "......");
> $sth = $dbh -> prepare("insert into tab (a,b) values (?,?)");
> $sth -> execute($a , $b );
> $sth -> finish();
> $dbh -> commit();
> $dbh -> disconnect();
IIRC, there is a dbi->quote() function as well. That should properly
escape anything.
--
Dan Langille : http://www.langille.org/