note
jZed
No, please don't do that. Either use the $dbh->quote() method, or even better use placeholders. Use placeholders! Did I mention? Use placeholders - more secure, more portable, the right way to do it. Both quote() and placeholders automatically quote strings and leave numbers unquoted.
<c>
my $sth = $dbh->prepare("
UPDATE tablename SET columname = ?
");
$sth->execute($data);
</c>
657748
657748