[ABE.pm] array references?

Tue Oct 5 07:45:04 CDT 2004

On Oct 4, 2004, at 20:05, Faber Fedor wrote:

> On 02/10/04 16:17 -0400, Ricardo SIGNES wrote:
>> * Faber Fedor <faber at linuxnj.com> [2004-10-01T18:05:11]
>>> I hacked this together from something I read on usenet:
>>>
>>> my $data_array = $dbh->selectall_arrayref("select id, weight from
>>> $table where realdate =  '" . $fulldate ."'");
>>
>> I'm not sure about the use of $table, but at least consider
>
> $table is a variable that get's set, just like $fulldate.

"Richardo" ;-) may have been wondering if you could also bind the table 
name, instead of interpolating.  If so, I can say I've not know any of 
the DBD modules I use to allow this.  It's dependent on Oracle, MySQL, 
whatever.

>>
>> 	$dbh->selectall_arrayref(
>> 		"SELECT id, weight FROM table WHERE realdate = ?",
>> 		undef,
>> 		$fulldate
>> 	);
>>
>> This will use proper quoting to get the date in, and avoid SQL 
>> injection
>> attacks.
>
> This will put quotes around the date, e.g. the SQL will read like this:
>
> SELECT id, weight FROM table WHERE realdate = '1993-01-31'
>
> :-?

No, it will "do the right thing," whether it be date or string.  Handy!

>
>> $sum += @{$_->[1]} for @$data_array;
>
> Now what's the difference between yours and Phils, other than you have
> more squigglies in yours?

This is wrong, or, more charitably, advanced and opaque.  += expects a 
scalar number, and treating the 1st element of the current aref as an 
aref itself is not...  intuitive.  If I recall, this element was in 
fact a scalar in your example anyway.

IIRC, if it really was an aref, this would return the last element of 
the aref to the += operator.  Better to rely on the warnings pragma to 
alert you that it's not a scalar by simply referencing it as such.

>
>> open my $output, '>', $outfile;
>>
>> This creates a lexical filehandle-reference, which will autoclose when
>> it goes out of scope.
>
> That's cute.

Indeed.  My code is now jealous.

:-)
prl