i have alway got the error when using below code to escape quotation mark.
can any senior could show me the correct code to fix the problem?
(The error is syntax error


Thanks

$sql_syntax =qq(
INSERT INTO $table_inquiry (comment1, comment2, comment3)
VALUES (?, ?, ?)
);
&SQL_EXE($dbh,$sql_syntax);
$sth->execute(comment1, comment2);

Hi biao,

First, this would have been better posted to the Perl forum. As for your problem:

1) What does &SQL_EXE($dbh,$sql_syntax); do?
2) Where is your $sth handle coming from?
3) Your execute is using two params but you actually need three. I'm not sure you are even making it this far though.

Please post the actual error message from you error log. You might want to turn on RaiseError when you are connecting to your DB for more info.

~Charlie

sorry my fault.

here it is ( below code is failed. returned error code shows that snytax near ?,?,? is incorrect.)

---

sub SQL_EXE {
local ($dbh,$sql_syntax) = @_;
$sth = $dbh->prepare($sql_syntax);
if (!$sth->execute) {
$DATA.= qq(-----------------------------------------------------------------------------------------------------------------------------------);
$DATA.= qq(<br><br><b>Error</b> : ) . $sth->errstr . qq(<br><br>);
$DATA.= qq(-----------------------------------------------------------------------------------------------------------------------------------);
$DATA.= qq(<br><br><input type='button' name='back' value='<-- Back' onclick='javascript:history.back()'> );
print $DATA;
exit;
}
}

$sql_syntax =qq(
INSERT INTO $table_inquiry (comment1, comment2, comment3)
VALUES (?, ?, ?)
);
&SQL_EXE($dbh,$sql_syntax);
$sth->execute(comment1, comment2, comment3);

---

there are 8 colum in the table, i only insert comment1,comment2,comment3 and leave others as its default value.
When i using similar method update the entry, it works while it fails when i insert new entry.

below code for updating is working now

---

$sql_syntax =qq(
UPDATE $table_inquiry
SET
comment1= ?,
comment2= ?,
comment3= ?
WHERE (ID = '$ID')
);
&SQL_EXE($dbh,$sql_syntax);
$sth->execute($comment1, 'comment2', $comment3);

---

Thanks

The main problem is with your SQL_EXE code. 1) You're working too hard to trap errors. 2) You are executing the query in that routine and you probably shouldn't be. Something like this would work better for you:


And even better would be:


As I mentioned in the above post you can set the RaiseError attribute to true so DBI will automagically die on all errors and you don't have to test every single method return. Read over the POD on connect and do for additional info.

Next: On your execute:


You need to use $comment1 or 'comment1' for all of your values. You can't use bare words like you have now.

Hopefully that will get you going.

~Charlie

Hello biao, An Insert and an Update are different SQL animals.

You said :

there are 8 colum in the table, i only insert comment1,comment2,comment3 and leave others as its default value.
When i using similar method update the entry, it works while it fails when i insert new entry.

An Insert requires to put something in each field !

-- 8 fields requires 8 values in an insert statement.

-- IT does not exist so you have to fill in 8 fields even if empty.

call Agent 99 if you are stuck at this point 1-800-AGENT-99
Do Not search the web with google.com, the FBI are watching !


Update can be 1 to 8 fields , you are just changing a record. Easy street.

Thanks Me Stupid, PHB, Awe struck on the blonde.