in reply to Avoid embedding variables in SQL - Dancer App

Your first example only uses one variable in the place.

Your second example uses three placeholders, but you don't want categories.id_cat to be compared as a string.

Placeholders only work for constant values, not for column references. You will need to use string interpolation for that.

Re^2: Avoid embedding variables in SQL - Dancer App
by GertMT (Hermit) on Sep 05, 2014 at 16:14 UTC

    Thanks for your comments

    Reading about this I hope not to be wrong in my conclusion that

    ----
    WHERE products.fk_cat = categories.id_cat
      AND products.fk_col = collections.id_col
      AND collections.link_col = ?
    SQL
    my $sth = database->prepare($sql);
    #print Dumper $link; # is okay
    $sth->execute( $link );
    ----
    Should be okay.
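
The point discussed in this thread, as an added example that is not code from either poster: a column reference passed through a placeholder is compared as a string, while writing the join columns in the statement and binding only the value works and keeps input as data. It assumes DBI with DBD::SQLite; the table contents, the `name` and `name_cat` columns, and the `order_clause` helper are constructed for illustration.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use DBI;

# Constructed sample data in an in-memory SQLite database (requires DBD::SQLite).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
    { RaiseError => 1, PrintError => 0 });
$dbh->do('CREATE TABLE categories  (id_cat INTEGER PRIMARY KEY, name_cat TEXT)');
$dbh->do('CREATE TABLE collections (id_col INTEGER PRIMARY KEY, link_col TEXT)');
$dbh->do('CREATE TABLE products    (name TEXT, fk_cat INTEGER, fk_col INTEGER)');
$dbh->do(q{INSERT INTO categories  VALUES (1, 'rings')});
$dbh->do(q{INSERT INTO collections VALUES (7, 'summer')});
$dbh->do(q{INSERT INTO products    VALUES ('band', 1, 7)});

# Column reference passed as a bind value: the database compares fk_cat
# with the string 'categories.id_cat', so the join matches nothing.
my $bound = $dbh->selectall_arrayref(<<'SQL', undef, 'categories.id_cat', 'summer');
SELECT products.name FROM products, categories, collections
WHERE products.fk_cat = ?
  AND products.fk_col = collections.id_col
  AND collections.link_col = ?
SQL
printf "column name bound as value: %d row(s)\n", scalar @$bound;

# Join columns written in the statement, only the user-supplied value bound.
my $link = q{summer' OR '1'='1};    # quote characters in input stay plain data
for my $value ('summer', $link) {
    my $rows = $dbh->selectall_arrayref(<<'SQL', undef, $value);
SELECT products.name FROM products, categories, collections
WHERE products.fk_cat = categories.id_cat
  AND products.fk_col = collections.id_col
  AND collections.link_col = ?
SQL
    printf "link_col = %-22s %d row(s)\n", "[$value]", scalar @$rows;
}

# If a column name really must vary, pick it from a fixed allowlist
# and interpolate only the allowlisted identifier, never raw input.
my %sortable = (name => 'products.name', category => 'categories.name_cat');
sub order_clause {
    my ($key) = @_;
    my $col = $sortable{$key} // die "unknown sort key\n";
    return "ORDER BY $col";
}
print order_clause('category'), "\n";
```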