[ic] SQL query returning no results
Kevin Walsh
kevin at cursor.biz
Fri Oct 27 12:12:24 EDT 2006
ic at 3edge.com wrote:
> Kevin gave the solution to change:
> @array = split(/-/,$CGI->{from});
> in
> @array = split(/\0/,$CGI->{from});
>
> What confuses me in this is that above you say that you have returned the
> sql string from this perl block and with that you got a correct query.
>
> Perhaps Kevin can shed a light on that one aswell? I'd think that you would
> not be able to have done a split with the - , so there would not have been a
> correct sql query in the first place? Or is there something magic going on?
>
The <form> variables are always stacked using an ASCII NUL character.
If you then add your own character (say "-") then the resulting stack
of "A-" and "B-" would be "A-\0B-".
If the above string is split on "-" then you would get "A" and "\0B".
The SQL, as it stood, would make an additional AND clause using "\0B"
and therefore find no results.
If there was only a "A-" in the original stack then you would get
just an "A" out of the split. In that case, there would be no extra
AND clauses with ASCII NUL characters to mess up the SQL, and so it
would work as expected.
--
_/ _/ _/_/_/_/ _/ _/ _/_/_/ _/ _/
_/_/_/ _/_/ _/ _/ _/ _/_/ _/ K e v i n W a l s h
_/ _/ _/ _/ _/ _/ _/ _/_/ kevin at cursor.biz
_/ _/ _/_/_/_/ _/ _/_/_/ _/ _/
More information about the interchange-users
mailing list