Regex Help?

Doran L. Barton fozz at hypermoo.com
Mon Oct 10 09:15:13 MDT 2011


On Monday, October 10, 2011 09:04:38 AM ijason wrote:
> $db->do("insert into tablename (column names) values 
> ('$line[0]','$line[1]'...)");

This is cool, but may I suggest you instead hawk the parameterized use of 
DBI::do:

	$db->do('INSERT INTO tablename (col1, col2, ... ) VALUES (?, ?, ...)',
 		undef,
		$line[0], $line[1], ... );

For more information on the virtues of parameterized database operations, see 
< http://bobby-tables.com/ >.

-- 
Doran L. Barton - Hypermoo Inc. - <fozz at hypermoo.com> - 801-520-9875
Open source consulting, custom development, systems/network administration
 "This is goods for those who wish to enjoy simple and rational lives."
    -- Label on a wastebasket for sale in Japan


More information about the PLUG mailing list