dbi_quote
This filter uses the Perl DBI/DBD quoting method to make strings safe
for use in SQL queries.
All database-specific needs are honoured including,
but not limited to,
"\" escapes (if PostgreSQL or MySQL),
truncating at the first ASCII NUL (if PostgreSQL)
and turning an ASCII LF (line feed) into a literal two-character
"\n" (if MySQL).
The first DefaultTables table will be used to
provide a database connection handle, and database type,
unless a table name is provided.
|
Note
If you're using the [query] tag then you should use the
[PREFIX-quote] sub-tag
instead of this filter.
|
|
Availability
This filter was introduced in version 5.3.2,
and is therefore not available for use with any earlier Interchange version.
|
Example
|
[filter dbi_quote]Kevin's cat[/filter]
|
Results in:
Source code
sub {
my ($val, $tag, $table) = @_;
$table ||= $Vend::Cfg->{ProductFiles}[0];
my $db;
unless ($db = dbref($table)) {
::logError("filter dbi_quote cannot find database handle for table '%s'", $table);
return;
}
return $db->quote($val);
}
|
