Skip Menu |

This queue is for tickets about the DBD-SQLite CPAN distribution.

Report information
The Basics
Id: 336
Status: resolved
Priority: 0/
Queue: DBD-SQLite

People
Owner: Nobody in particular
Requestors: jeffa [...] unlocalhost.com
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: 0.10
Fixed in: (no value)



Subject: bug when inserting escaped single quotes
Hi Matt. Found something interesting in SQLite. I _think_ it is a bug (version 0.10)... ########################################################## use strict; use DBI; use Data::Dumper; unlink 'new.dbm' if -e 'new.dbm'; my $dbh = DBI->connect( ("DBI:SQLite:dbname=new.dbm"), {RaiseError=>1} ); # ok $dbh->do('create table foo (bar varchar(32))'); # ok $dbh->do("insert into foo(bar) values('baz')"); # bad $dbh->do(q|insert into foo(bar) values('baz\'ed')|; print Dumper $dbh->selectall_arrayref('select * from foo'); ########################################################### I also tried this using placeholders and had no troubles, but since i am shoving the output of mysqldump into DBI::do(), placeholders won't cut the mustard. Thanks, jeffa
Date: Sun, 10 Mar 2002 14:59:01 +0000 (GMT)
From: Matt Sergeant <matt [...] sergeant.org>
To: via RT <bug-DBD-SQLite [...] rt.cpan.org>
Subject: Re: [cpan #336] bug when inserting escaped single quotes
That's not how you escape quotes in SQL. You double them up., so it would be $dbh->do(q|insert into foo(bar) values('baz''ed')|); On Sat, 9 Mar 2002, via RT wrote: Show quoted text
> > > This message about DBD-SQLite was sent to you by JEFFA via rt.cpan.org > > Full context and any attached attachments can be found at: > <URL: https://rt.cpan.org/Ticket/Display.html?id=336 > > > Hi Matt. Found something interesting in SQLite. > I _think_ it is a bug (version 0.10)... > > ########################################################## > use strict; > use DBI; > use Data::Dumper; > > unlink 'new.dbm' if -e 'new.dbm'; > > my $dbh = DBI->connect( > ("DBI:SQLite:dbname=new.dbm"), > {RaiseError=>1} > ); > > # ok > $dbh->do('create table foo (bar varchar(32))'); > > # ok > $dbh->do("insert into foo(bar) values('baz')"); > > # bad > $dbh->do(q|insert into foo(bar) values('baz\'ed')|; > > print Dumper $dbh->selectall_arrayref('select * from foo'); > > ########################################################### > > I also tried this using placeholders and had no troubles, > but since i am shoving the output of mysqldump into DBI::do(), > placeholders won't cut the mustard. > > Thanks, > jeffa > >
-- <!-- Matt --> <:->Get a smart net</:->
Closing bug.