May 8, 2008, 2:45 PM
Post #2 of 2
Re: [musclehead] Storing HTML in MySQL
You don't need to sanitize anything with DBI; DBI does that for you already. Here is a quick example:
$mark = $dbh->prepare("update movies set status=? where uniqueid=?");
So as you see, I am just placing a ? inside my query, and when I execute it I am defining variables there. By doing so, DBI will autoescape your characters and insert data into DB.
Hope that helps.
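The placeholder pattern from the post above, carried through prepare, execute and read-back as an added example (not code from the original poster). It also shows that binding handles SQL quoting only: the HTML is stored and returned unchanged, so escaping for display is a separate step at output time. Assumptions: an in-memory SQLite database via DBD::SQLite stands in for MySQL, and the sample HTML, row ids and the `html_escape` helper are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Assumption: SQLite in memory replaces MySQL so this runs offline;
# prepare/execute with ? placeholders is the same DBI API on both.
my $dbh = DBI->connect("dbi:SQLite:dbname=:memory:", "", "",
    { RaiseError => 1, AutoCommit => 1 });

$dbh->do("create table movies (uniqueid integer primary key, status text)");
my $ins = $dbh->prepare("insert into movies (uniqueid, status) values (?, ?)");
$ins->execute($_, "new") for (1, 2);

# Constructed sample: HTML whose quotes would break a query built by
# string concatenation.
my $html = q{<a href="/m/1" title='It's here'>status</a>};

# The statement from the post. Values are passed at execute time and are
# never spliced into the SQL text.
my $mark = $dbh->prepare("update movies set status=? where uniqueid=?");
my $rows = $mark->execute($html, 1);

my ($stored) = $dbh->selectrow_array(
    "select status from movies where uniqueid=?", undef, 1);
my ($untouched) = $dbh->selectrow_array(
    "select count(*) from movies where status=?", undef, "new");

print "rows updated:      $rows\n";
print "stored verbatim:   ", ($stored eq $html ? "yes" : "no"), "\n";
print "other rows intact: $untouched\n";

# Binding did not alter the data. If the value is to be shown as text in a
# page rather than rendered as markup, encode it when writing the output.
my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
           '"' => '&quot;', "'" => '&#39;');

sub html_escape {                      # hypothetical helper for this example
    my ($s) = @_;
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

print "escaped for output: ", html_escape($stored), "\n";

$dbh->disconnect;
```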