execute parameters and quoting

Hi all,

as far as I know, parameters used with execute() will be quoted correctly. =
Now I have the following code:

foreach (@search_fields) {
my ($value) =3D $q->param($_) =3D~ /([\S ]*)/;
$value =3D '%' . $value . '%';
push @search_values, $value;
}

my $query =3D (...);
=20
my $sth =3D $dbh->prepare($query);
$sth->execute(@search_values);

(...) stands for a lenghty query string, which contains placeholders in the=
order of @search_fields/@search_values.

This works fine, as long as the strings to be searched do not contain singl=
e quotes. Searching for "O'Reilly", for example, returns nothing, while the=
re are several O'Reilly titles in the database.

I tried to include an additional call to quote() in the forearch loop, but =
it did not solve the problem.

Any suggestions? Thanks.

- Jan

--=20
The day Microsoft makes something that doesn't suck is the day they start s=
elling vacuum cleaners.

--
MySQL Perl Mailing List
For list archives: http://lists.mysql.com/perl
To unsubscribe: http://lists.mysql.com/perl?unsub=3Dgcdmp-msql-mysql-modules @m.gmane.org