Kos*_*ndr 3 postgresql perl dbi
这是我的代码的一部分.我使用从gmail收到的消息ID进行SELECT.Msg_id以base64的形式存储在数据库中,没有simbols"<>".
my $inbox = $imap->select("Inbox") or die "Select error: ", $imap->LastError, "\n";
my @mails = ( $imap->unseen );
foreach my $msgid (@mails) {
my $m_id = $imap->parse_headers( $msgid, "Message-id" )->{"Message-id"}->[0] . "\n";
$m_id =~ s/[<\>]//g;
$m_id = encode_base64($m_id);
$m_id =~ s/\r?$//;
my $q1 = "select id from mails.mails_in where user_id=$param[5] and message_id=$m_id and user_remote_id=$param[6]";
$sth = $dbh->prepare($q1);
$rv = $sth->execute();
my @array;
while ( @array = $sth->fetchrow_array() ) {
foreach my $i (@array) {
print "$i\t";
}
print "\n";
}
}
但得到这个错误.
DBD::Pg::st execute failed: ERROR: column "zdjkot..." does not exist
LINE 1: ...mails.mails_in where user_id=15206 and message_id=ZDJkOTQ1NT...
^ at ./script.pl line 65.
我尝试从基础使用现有的msg_id - 结果类似.另一个SELECT正常工作.类似的SELECT在php上正常工作.
我使用:Perl v5.18.2,PostgreSQL v8.4.14
你错过了单引号 $m_id
my $q1 = "select id from mails.mails_in where user_id=$param[5] and message_id='$m_id' and user_remote_id=$param[6]";
但使用?占位符总是更好,
my $q1 = "select id from mails.mails_in where user_id =? and message_id =? and user_remote_id =?";
$sth = $dbh->prepare($q1);
$rv = $sth->execute($param[5], $m_id, $param[6]);
因为您不必担心引号,参数转义和SQL注入攻击.