in reply to "ORDER BY" clause silently fails
in thread HTML::Template Tutorial
A placeholder can only be a value, not the name of a column, so you will have to dynamically create the SQL for your case.
To be safe from SQL injection, I recommend setting up the allowed values in a hash and validating against that:
my %sortby = ( title => 'title', recorded => 'recorded', songwriter => 'songwriter', length => 'length', title_desc => 'title desc', ); my $column = $sortby{ $user_column } || 'title'; my $sql = <<SQL; select @{[join(',', @COLS)]} from songs order by $column SQL
|
---|
In Section
Tutorials