[Purdue-pm] DBI Usage Question
Michael Gribskov
gribskov at purdue.edu
Fri Feb 22 07:28:24 PST 2008
It will be slower because you have to $dbh->prepare every SQL query.
Other than that it's fine.
Dave Jacoby wrote:
> Assume a database table Test with a self-incrementing primary key field
> and two other fields, USERID and ABCD. You want to put user-input data
> into USERID and ABCD. Assume this is the SQL string you want.
>
> INSERT INTO Test ( USERID , ABCD ) VALUES ( 'random' , 'text' ) ;
>
> http://www.stonehenge.com/merlyn/UnixReview/col58.html
> Randal Schwartz codes his example using this syntax:
>
> my $sth = $dbh->prepare(
> q{ INSERT INTO Test ( USERID , ABCD ) VALUES ( ? , ? ) }
> ) ;
> $sth->execute( $a , $b ) ;
>
> I'd rather do it more like this:
>
> $a = $dbh->quote($a) ;
> $b = $dbh->quote($b) ;
> my $query = qq{INSERT INTO Test (USERID,ABCD) VALUES ($a,$b);};
> my $sth = $dbh->prepare($query) ;
> $sth->execute() ;
>
> Because then I know that I've explicitly and clearly quoted the inputs.
>
> I know TMTOWTDI. I like that TMTOWTDI. But I believe that some ways are
> better than others, and Randal Schwartz might know some of the better
> ways. Is there an overriding, understandable reason why my way is worse?
>
>
--
Michael Gribskov - gribskov at purdue.edu
Professor of Biological Sciences and Computer Science
Purdue University
Lilly Hall of Life Sciences
915 W. State Street
West Lafayette IN 47907-2054
voice: 765.494.6933 fax: 765.496-1189 email: gribskov at purdue.edu
Calendar:
http://www.genomics.purdue.edu/webcal/wcal.pl?anonymous=1&w=Gribskov
Administrative Asst: Karen Studebaker
voice: 765.494.8518 email: studebak at purdue.edu
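
The two styles compared in this thread, run side by side. This is an added example, not code from either poster. It assumes DBD::SQLite is installed and uses an in-memory database; the sample rows and the variable names are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available; the in-memory database stands in
# for the real one. Table and column names are the ones from the thread.
my $dbh = DBI->connect( 'dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, AutoCommit => 1 } );
$dbh->do(q{
    CREATE TABLE Test (
        ID     INTEGER PRIMARY KEY AUTOINCREMENT,
        USERID TEXT,
        ABCD   TEXT
    )
});

# Constructed sample input, including values with embedded quote characters.
my @rows = (
    [ 'random',  'text' ],
    [ "o'brien", q{it's "quoted"} ],
    [ 'jdoe',    q{semi;colon -- and 'quotes'} ],
);

# Style 1: placeholders. The statement is prepared once, and the values
# travel separately from the SQL text on every execute().
my $sth = $dbh->prepare(
    q{ INSERT INTO Test ( USERID , ABCD ) VALUES ( ? , ? ) } );
$sth->execute(@$_) for @rows;

# Style 2: $dbh->quote(). Every value has to be quoted by hand, and a new
# statement is prepared per row because the SQL text itself changes.
for my $row (@rows) {
    my ( $userid, $abcd ) = map { $dbh->quote($_) } @$row;
    my $query = qq{INSERT INTO Test (USERID,ABCD) VALUES ($userid,$abcd)};
    $dbh->prepare($query)->execute();
}

# Check that both styles stored every value exactly as supplied.
my $stored = $dbh->selectall_arrayref(
    q{ SELECT USERID, ABCD FROM Test ORDER BY ID } );
for my $i ( 0 .. $#rows ) {
    for my $copy ( $stored->[$i], $stored->[ $i + @rows ] ) {
        die "row $i was altered on the way in\n"
            unless $copy->[0] eq $rows[$i][0] && $copy->[1] eq $rows[$i][1];
    }
}
printf "%d rows stored, all matching their input\n", scalar @$stored;
```

Style 2 stays safe only as long as every interpolated value passes through `quote()`; with placeholders there is no value in the SQL text to forget.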