Are you not able to use placeholders with Oracle stored procedures? It's much safer as everything will be quoted correctly and you can avoid an SQL injection attack. (both of the following are untested and just here to show you how the methods work)
my $sql = 'exec OSP_FOO_BAR( ?, ?, ? )';
my $sth = $dbh->prepare($sql);
$sth->execute($xvar, $yvar, $zvar);
$dbh->commit();
If you can't use placeholders there, use the quote() function.
$_ = $dbh->quote($_) foreach $xvar, $yvar, $zvar; # foreach aliases $_
$SQLString = "exec OSP_FOO_BAR( $xvar, $yvar, $zvar )";
$dbh->do($SQLString);
$dbh->commit();
Cheers,
Ovid
Looking for work. Here's my resume. Will work for food (plus salary).
New address of my CGI Course.