hi, i have this code (below), and i wanted to take values from a webpage instead of it directly inserting values, how would i do that?
im sure i have to use REQUEST or something, but not sure how to do it, pleaaaseeee help...thanks -
-
my $dbh = DBI->connect("dbi:Oracle:ORA8", "username","password")
-
or die "Cannot connect: " . $DBI::errstr;
-
$dbh->do("INSERT INTO Student (StudentID, FirstName, LastName, DateOfBirth, Coursecode) VALUES (1234,'Josephine', 'Williams', TO_DATE('02-Feb-1980'),'2COS6')")
-
or die "Cannot do: " . $dbh->errstr();
-
-
$dbh->disconnect();
-
12  1523 
Have a look at the DBI documentation for "Placeholders and Bind Values".
Also, this really looks like homework/schoolwork/coursework. Please read our Posting Guidelines regarding Homework.
--Kevin
Have a look at the DBI documentation for "Placeholders and Bind Values".
Also, this really looks like homework/schoolwork/coursework. Please read our Posting Guidelines regarding Homework.
--Kevin
It may or may not be, but I am more wondering how closely related this and his other question regarding Perl and Oracle are. If they ARE the same project, why not just ask them both in the same thread?
If you want Kevin, go ahead and merge the two if they seem too closely related.
oh sorry, im really bad with all these stuff as in forums and all that...
but yeah their not realted so....
but thanks next time ill keep in mind
oh sorry, im really bad with all these stuff as in forums and all that...
but yeah their not realted so....
but thanks next time ill keep in mind
You say that they are not related, yet they look to be the same project. Am I correct in this assessment? If they are, you can probably include them together in the same thread to get them answered. There is nothing stating you can't ask two or more questions in a thread, especially if they relate to the same project you are working on.
Regards,
Jeff
Essentially, you take your incoming form data and untaint it (which is not shown here) then you assign it to a variable and if the value is not defined, then the new value will be undef. Which will keep the placholders from breaking the code if the values are not defiend. - my $StudentID = $q->param('StudentID') || undef;
-
my $FirstName = $q->param('FirstName') || undef;
-
my $LastName = $q->param('LastName') || undef;
-
my $DateOfBirth = $q->param('DateOfBirth') || undef;
-
my $Coursecode = $q->param('Coursecode') || undef;
Then do an insert statement as shown. There must be equal number of Placholders (?) as you do values. Placeholders will automatically escape your data for you. - my $insert = $dbh->prepare(q{INSERT INTO Student(StudentID, FirstName, LastName, DateOfBirth, Coursecode) VALUES (?,?,?,?,?)});
-
$insert->execute($StudentID, $FirstName, $LastName, $DateOfBirth, $Coursecode);
-
$insert->finish();
If you have any problems then please post back.
--Kevin
Essentially, you take your incoming form data and untaint it (which is not shown here) then you assign it to a variable and if the value is not defined, then the new value will be undef. Which will keep the placholders from breaking the code if the values are not defiend.
- my $StudentID = $q->param('StudentID') || undef;
-
my $FirstName = $q->param('FirstName') || undef;
-
my $LastName = $q->param('LastName') || undef;
-
my $DateOfBirth = $q->param('DateOfBirth') || undef;
-
my $Coursecode = $q->param('Coursecode') || undef;
Then do an insert statement as shown. There must be equal number of Placholders (?) as you do values. Placeholders will automatically escape your data for you.
- my $insert = $dbh->prepare(q{INSERT INTO Student(StudentID, FirstName, LastName, DateOfBirth, Coursecode) VALUES (?,?,?,?,?)});
-
$insert->execute($StudentID, $FirstName, $LastName, $DateOfBirth, $Coursecode);
-
$insert->finish();
If you have any problems then please post back.
--Kevin
Thanks a lot mate, what do you mean by untaint?
ok this is what i will do after looking at the code you gave me, i will make a html file which obviously has a form with post, and then add - my $StudentID = $q->param('StudentID') || undef;
-
my $FirstName = $q->param('FirstName') || undef;
-
my $LastName = $q->param('LastName') || undef;
-
my $DateOfBirth = $q->param('DateOfBirth') || undef;
-
my $Coursecode = $q->param('Coursecode') || undef;
to store my values into a variable.
so does that mean i dont have to use _REQUEST on my perl program?
and what is $q->param in the code? because i have to explain it in my project.
thanks.
the param() function is a function of the CGI modules standard interface. Read the CGI documentation for implementation and general information: http://perldoc.perl.org/CGI.html
I am using the CGI.pm to get the values of the various fields. - #create a CGI object.
-
my $q = CGI new;
-
-
#get the various params using CGI.pm
-
# This would be the value entered into the textfield named "field1"
-
$q->param('field1');
-
-
#The undef is telling it to be undefined and enter a null value into the database if the field is empty or left blank.
-
$q->param('field1') || undef;
-
-
#This assigns it to a variable that can be used in the script elsewhere
-
my $variable = $q->param('field1') || undef;
To help you learn more read the documentation about the CGI.pm and also check out the http://perldoc.perl.org/5.8.8/]perldocs for about perl.
When trying to learn CGI scripts using perl this site is helpful.
--Kevin
As for the "What is untaint?" checkout perlsec. Here is an example of untaintaing data using a regex. - my $var;
-
-
if ( $q=>param('var') =~ /^(?:([\w\s+\d\']+))$/) {
-
$var = $1;
-
}
-
-
print $var;
When in taint mode perl treats incoming data as tainted and untrustworthy. Therefore, you must check to make sure that the data is what you are expecting it to be based on the regex in this case. Taint mode is turned on my using the -T on the first line after the path to perl.
--Kevin
hi yall...thanks for helping me out
i have thoguth about what you guys have commented, but wasnt able to get it to work, but i have done this so far and it works fine and it add data ro my database, so if anyone can help me to add all the commenets made about -
my $dbh = DBI->connect("dbi:Oracle:ORA8", "username","password")
-
or die "Cannot connect: " . $DBI::errstr;
-
$dbh->do("INSERT INTO Student (StudentID, FirstName, LastName, DateOfBirth, Coursecode) VALUES (1234,'Josephine', 'Williams', TO_DATE('02-Feb-1980'),'2COS6')")
-
or die "Cannot do: " . $dbh->errstr();
-
-
and when i add this bit below, i get error messgas of the variables - my $StudentID = $q->param('StudentID') || undef;
-
my $FirstName = $q->param('FirstName') || undef;
-
my $LastName = $q->param('LastName') || undef;
-
my $DateOfBirth = $q->param('DateOfBirth') || undef;
-
my $Coursecode = $q->param('Coursecode') || undef;
Well, we will need two things, the code that is producing the errors and the errors them self. If your code is not to long post it here and we can take a look at it for you.
I would have to assume it is because you are not using the CGI.pm and the code I gave you is.
--Kevin
Well, we will need two things, the code that is producing the errors and the errors them self. If your code is not to long post it here and we can take a look at it for you.
I would have to assume it is because you are not using the CGI.pm and the code I gave you is.
--Kevin
yes i am using CGI, just now i got error saying that theres a internal server error, so i asked me lecturer to look into and then i will post the errors that i get of the codes.
thanks
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Xah Lee |
last post by:
Split File Fullpath Into Parts
Xah Lee, 20051016
Often, we are given a file fullpath and we need to split it into the
directory name and file name. The file name is often split into a core...
|
by: Kirt Loki Dankmyer |
last post by:
So, I download the latest "stable" tar for perl (5.8.7) and try to compile
it on the Solaris 8 (SPARC) box that I administrate. I try all sorts of
different switches, but I can't get it to compile....
|
by: KevinADC |
last post by:
Note: You may skip to the end of the article if all you want is the perl code.
Introduction
Uploading files from a local computer to a remote web server has many useful purposes, the most...
|
by: owlice |
last post by:
Greetings!
I thought I'd add a little something to a web site, a "tip of the week," and wanted it automated so that if I get hit by a truck (or, more likely, am forgetful), the tip is updated...
|
by: happyse27 |
last post by:
Hi All,
my html code is sno 1) and perl code is sno 2).
a) I tried to print $filename and it cant print out the value, only blank was displayed, and the file could not be uploaded. And it...
|
by: happyse27 |
last post by:
Hi All,
I got this apache errors(see section A1 and A2 below) when I used a html(see section b below) to activate acctman.pl(see section c below). Section D below is part of the configuration...
|
by: KevinADC |
last post by:
Note: You may skip to the end of the article if all you want is the perl code.
Introduction
Many websites have a form or a link you can use to download a file. You click a form button or click...
|
by: happyse27 |
last post by:
Hi All,
I am creating the perl script using html form(with embedded javascript inside).
When using this html form with javascript alone, it works where the form validation will pop up...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| |
