Please, oh please, do not put your variables right into your SQL statement. That's just asking for long-term problems. Nevermind nasty injection bugs.
my @where;
my @binds;
if ($emp_user_name ne "*")
{
if ($bb_activity_code) {
push @where, 'bb_activity_code LIKE ?';
push @binds, "%$bb_activity_code%";
}
if ($bb_model) {
push @where, 'bb_model = ?';
push @binds, $bb_model
}
if ($bb_pin) {
push @where, 'bb_pin LIKE ?';
push @binds, "%$bb_pin%";
}
if ($bb_phone) {
push @where, 'bb_phone LIKE ?';
push @binds, "%$bb_phone%";
}
if ($bb_imei_esn_dec) {
push @where, 'bb_imei_esn_dec LIKE ?';
push @binds, "%$bb_imei_esn_dec%";
}
if ($bb_status) {
push @where, 'bb_status = ?';
push @binds, $bb_status
}
if ($bb_region_code) {
push @where, 'bb_region_code = ?';
push @binds, $bb_region_code
}
if (@where) {
push @where 'emp_user_name LIKE ?';
push @binds, "%$emp_user_name%";
}
}
my $statement = "SELECT bb_id, emp_user_name, bb_activity_code, bb_mod
+el, bb_pin, bb_phone, bb_imei_esn_dec, bb_status, bb_region_code FROM
+ blackberry";
$statement .= ' WHERE ' . join(' AND ', @where) if @where;
$statement .= ' ORDER BY emp_user_name';
Of course, you then have to bind @binds to your query, which I assume is possible with Win32::ODBC, but I'll leave that to you to look at. Anyway, this should be much simpler than what you had - and easier to add to or otherwise modify. In fact, I'd go another step and put all those variables into a hash, and then you could loop through them to generate the SQL statement. A bit more abstraction which could make runtime a bit slower, but make modifications (of the code) much faster.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.