In my projects, I had routines like the following :
sub selectAll {
my ($what,$table,@clauses);
my $where = "";
if (@clauses) {
$where = " WHERE " . join(" and ",@clauses);
};
my $statement = "SELECT $what FROM $table $where";
my $sth = $dbh->prepare($statement);
$sth->execute() or die "SQL: selectAll: '$statement' failed.";
return $sth->fetchall_arrayref();
};
Nowadays, I'm using mostly prepared SQL queries with prepared parameters, as this gives automatic quoting, parameter count checking and syntax checking before that statement is executed the first time. If you don't have
dynamic tables (and if you have, you should maybe rethink your database layout), the following should work for you :
my $sthGetFile = $dbh->prepare("select VISUAL,LINK from FILES where (I
+D=?)");
sub getFile {
my ($file) = @_;
$sthGetFile->execute($file);
return $sthGetFile->fetchrow_arrayref();
};
# Assuming $id exists in the table
print getFile($id)->[1];
Update: On rereading the original post, I think the real answer is
my @id = (1,2,3,4,6,7,8);
my $clause = "";
if (@id) {
$clause = "where ID in (" . join(",",@id) . ")";
};
my $statement = "select ID,COLOR from TABLE $clause";
...
|