Your ignorance? I think that the rule is that you only quote when you have to, and bind your parameters at all other times. Which pretty much means a borked driver, I think, where it doesn't handle quoting for you, and neither does the database backend (if any). So, if anything, your only ignorance might be saying you're ignorant about using ? instead of quote ;-)
Update: OK, that might have been confusing. You're absolutely right - use ? over quote(). Every time. Unless, of course, the DBD doesn't support ?.
| [reply] |
Just to clarify, because now you've confused me: I use ? and it seems to quote exactly when I would expect it to. Which means treating numbers correctly. I avoid ->quote() as much as possible because it didn't seem to DWIM as often as ? did and ? looks better to me. ;) So I think that the OP might need to say column="$quoted_string" or column = ? and pass it an unquoted string.
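The difference between the two approaches discussed above, as an added example that is not part of the original thread: the same string is stored through a placeholder, through quote() with interpolation, and through both at once. It assumes DBD::SQLite is installed; the `notes` table and the sample value are constructed for illustration.

```perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available; an in-memory database keeps this offline.
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
                       { RaiseError => 1, PrintError => 0 });
$dbh->do("CREATE TABLE notes (how TEXT, body TEXT)");   # hypothetical table

# Constructed sample value containing quote characters.
my $body = "it's a 'quoted' value";

# 1. Placeholder with the raw, unquoted string: the driver handles quoting.
$dbh->do("INSERT INTO notes (how, body) VALUES (?, ?)",
         undef, "placeholder", $body);

# 2. quote() with interpolation: quote() returns the value with its
#    surrounding quotes included, ready to be placed into the SQL text.
my $quoted = $dbh->quote($body);
$dbh->do("INSERT INTO notes (how, body) VALUES ('quote', $quoted)");

# 3. Both at once: binding an already-quoted string stores the quote
#    characters as part of the data.
$dbh->do("INSERT INTO notes (how, body) VALUES (?, ?)",
         undef, "both", $quoted);

# Read everything back and compare with the original input.
my $rows = $dbh->selectall_arrayref(
    "SELECT how, body FROM notes ORDER BY rowid");
for my $row (@$rows) {
    my ($how, $stored) = @$row;
    printf "%-12s %-30s %s\n", $how, $stored,
        $stored eq $body ? "round-trips" : "differs from the input";
}

$dbh->disconnect;
```

The first two rows come back identical to the input; the third comes back wrapped in extra quote characters, which is the symptom to look for when a value has been quoted before being bound.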