Originally posted by wowmybaby on 2006-8-16 21:07
$dbh->prepare("SELECT MIN(Time) AS MinTime FROM MQueryMap WHERE MQueryMap.QueryID=?")
What does the ? at the end mean?
Thanks
>perldoc DBI
...
The "?" characters are the placeholders. The association of actual values with placeholders is known as binding,
and the values are referred to as bind values.
...
For example:
$q_id = "foo'bar";
$sth = $dbh->prepare("SELECT MIN(Time) AS MinTime FROM MQueryMap WHERE MQueryMap.QueryID=?");
$sth->execute($q_id);
Using the placeholder "?" is the best way to avoid meta characters (such as single/double quotes, etc.) in $q_id.
DBI will automatically escape it.
Best,
ulmer
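Added example, not part of ulmer's post: the same query run once with the value interpolated into the SQL text and once through the "?" placeholder, so the difference with a quote-bearing value is visible. It assumes DBD::SQLite is installed and uses an in-memory database; the table contents are constructed sample data.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: DBD::SQLite is available; :memory: stands in for the real database.
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
    { RaiseError => 1, PrintError => 0, AutoCommit => 1 });

# Constructed sample table using the table and column names from the thread.
$dbh->do("CREATE TABLE MQueryMap (QueryID TEXT, Time INTEGER)");
my $ins = $dbh->prepare("INSERT INTO MQueryMap (QueryID, Time) VALUES (?, ?)");
$ins->execute(@$_) for (["foo'bar", 30], ["foo'bar", 12], ["other", 5]);

my $q_id = "foo'bar";    # value containing a single quote, as in the post

# 1) Value interpolated into the SQL text: the quote inside $q_id ends the
#    string literal early, so the database receives a malformed statement.
my $unsafe_sql =
    "SELECT MIN(Time) AS MinTime FROM MQueryMap WHERE MQueryMap.QueryID='$q_id'";
my $row = eval { $dbh->selectrow_arrayref($unsafe_sql) };
print "interpolated: ",
    (defined $row ? "MinTime=$row->[0]\n" : "failed: $@");

# 2) Placeholder: the SQL text is fixed at prepare() time and the value is
#    handed over separately at execute() time as a bind value.
my $sth = $dbh->prepare(
    "SELECT MIN(Time) AS MinTime FROM MQueryMap WHERE MQueryMap.QueryID=?");
$sth->execute($q_id);
my ($min_time) = $sth->fetchrow_array;
$sth->finish;
print "placeholder:  MinTime=$min_time\n";

# 3) If a value really has to appear inside the SQL text, $dbh->quote()
#    is the DBI method that produces a correctly quoted literal.
print "quoted:       ", $dbh->quote($q_id), "\n";

$dbh->disconnect;
```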