commit ca5e0ae81d7f9ea38bc84737ab7fc833297de892
parent 0db3454a5efa45100efe44b373d8a5d3b428d1f1
Author: Kyle Milz <kyle@getaddrinfo.net>
Date: Sat, 1 Nov 2014 18:25:06 -0600
search: use prepare and execute style queries
Diffstat:
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/search.pl b/search.pl
@@ -28,6 +28,9 @@ my $config = {
};
my $template = Template->new($config);
+my $query = "select part_num from products where title like ? or part_num like ?";
+my $search_sth = $dbh->prepare($query);
+
while ($request->Accept() >= 0) {
print "Content-Type: text/html\r\n\r\n";
@@ -38,9 +41,8 @@ while ($request->Accept() >= 0) {
read(STDIN, my $input, $ENV{CONTENT_LENGTH});
(undef, $input) = split("=", $input);
- my $query = "select part_num from products where title like ? or part_num like ?";
- my $products = $dbh->selectcol_arrayref($query, undef,
- "%$input%", "%$input%");
+ $search_sth->execute("%$input%", "%$input%");
+ my $products = $search_sth->fetchall_arrayref();
my $vars = {
query => "\"$input\"",
