[Purdue-pm] DBI Usage Question

Andy Lester andy at petdance.com
Fri Feb 22 08:43:37 PST 2008

On Feb 22, 2008, at 10:41 AM, Rick Westerman wrote:

>    The use of '?' marks (placeholders) in DBI is twofold -- First for
> speed since the prepare statement only has to be done once instead of
> each time for each new set of variables.  Second it automatically
> quotes the parameters so that you do not need to do so.

And number three, it protects against SQL injection attacks.


Andy Lester => andy at petdance.com => www.petdance.com => AIM:petdance
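
The three points made in this thread (prepare once, automatic quoting, injection protection), shown as an added example that is not part of the original messages. It assumes DBD::SQLite is installed; the table, rows and input string are constructed sample data.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available; an in-memory database keeps this self-contained.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

$dbh->do('CREATE TABLE users (name TEXT, role TEXT)');

# Prepare once, execute many times; values are bound, never spliced into the SQL.
my $ins = $dbh->prepare('INSERT INTO users (name, role) VALUES (?, ?)');
$ins->execute(@$_) for (
    [ q{alice},   'admin' ],
    [ q{O'Brien}, 'user'  ],   # embedded quote needs no manual escaping
    [ q{bob},     'user'  ],
);

# Constructed hostile input of the kind a web form might deliver.
my $input = q{nobody' OR '1'='1};

# Unsafe: the input is interpolated and becomes part of the SQL grammar.
my $unsafe_sql = "SELECT name FROM users WHERE name = '$input'";
my $unsafe     = $dbh->selectcol_arrayref($unsafe_sql);

# Safe: the same input is passed as a bound value and compared as a literal string.
my $sel = $dbh->prepare('SELECT name FROM users WHERE name = ?');
$sel->execute($input);
my $safe = $sel->fetchall_arrayref;

printf "interpolated query matched %d row(s)\n", scalar @$unsafe;
printf "placeholder query matched %d row(s)\n",  scalar @$safe;

# The same statement handle is reused for a legitimate lookup, quote included.
$sel->execute(q{O'Brien});
my ($name) = $sel->fetchrow_array;
$sel->finish;
print "lookup by bound value found: $name\n";

$dbh->disconnect;
```

The interpolated query returns every row in the table because the input rewrites the WHERE clause, while the placeholder query returns none because no user has that literal name.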
