I posted a similar
question to this once. . . Taking the great advice
ehdonhon gave me, along with suggestions given above by
blakem,
Abigail-II, and
Ryszard, you could come up with something like this:
push(@where_array, 'item1 = ?');
push(@params, $item1);
push(@where_array, 'item2 = ?');
push(@params, $item2);
push(@where_array, 'item3 = ?');
push(@params, $item3);
my $select = join(', ',@select_array);
my $where = join(' and ',@where_array);
my $script = "SELECT $select FROM table WHERE $where";
. . .
$sql->execute(@params);
This works the same way as the examples above, with the added benefit of placeholders. If the items in your where clause are coming from user input (especially a CGI), you'll definitely want to be using placeholders in your SQL statements.
Hope this helps,
MrCromeDome