Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Non-*NIX Forums > Programming
User Name
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.


  Search this Thread
Old 11-19-2008, 10:16 AM   #1
Senior Member
Registered: Mar 2008
Location: Cyberspace
Distribution: Dynebolic, Ubuntu 10.10
Posts: 1,323

Rep: Reputation: 62
Perl: Want to compare CGI input with data from a MySQL table

I have this program:
#! /usr/bin/perl

use DBI ;
use strict ;

use CGI ;
my ($cgi) = new CGI ;

my (@param) = $cgi->param("firstname","lastname","type") ;

my ($dsn)="DBI:mysql:dr:localhost";
my ($user_name) = "fubar" ;
my ($password) = "secret" ;
my ($dbh,$sth) ;
my (@ary) ;

$dbh = DBI->connect ($dsn, $user_name, $password, { RaiseError => 1 });

$sth=$dbh->prepare ("SELECT firstname,lastname,type FROM dts WHERE firstname LIKE $param[0] AND lastname LIKE $param[1] and type LIKE $param[2]" );

$sth->execute ();

and I get this error simply running the program from the command line:

DBD::mysql::st execute failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 at ./submit.cgi line 24.

My question is: is this the right syntax to use, both, for this line:

my (@param) = $cgi->param("firstname","lastname","type") ;

as well as this one:

$sth=$dbh->prepare ("SELECT firstname,lastname,type FROM dts WHERE firstname LIKE $param[0] AND lastname LIKE $param[1] and type LIKE $param[2]" );

or should there be quotes around the $param[0] or something? (also is it $param[0] or $param(0)?)

Old 11-20-2008, 07:58 AM   #2
Senior Member
Registered: Sep 2004
Location: Savannah, GA
Distribution: Ubuntu, Gentoo, Mythbuntu, ClarkConnect
Posts: 1,154

Rep: Reputation: 47
Check your syntax

Right off, I notice that you aren't quoting strings:

$sth=$dbh->prepare (qq{SELECT firstname,lastname,type FROM dts 
                       WHERE firstname LIKE "$param[0]" AND 
                             lastname LIKE "$param[1]" AND 
                             type LIKE "$param[2]"} );
You're also using LIKE with no variable (% is wildcard)


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Building a table to display from user input: PHP, MySQL deesto Programming 11 06-11-2008 06:25 PM
[Perl] - save input in .html file noir911 Programming 2 01-07-2007 03:36 PM
perl CGI + dynamic table generation kurrupt Programming 8 09-27-2006 11:25 PM
/perl/php/cgi/mysql dramous Linux - Newbie 0 10-08-2004 06:11 PM
retriving mysql data, and placing it inside a table in html using perl rhuser Programming 1 03-12-2003 06:04 AM

All times are GMT -5. The time now is 05:03 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration