View Full Version : CGI/Mysql

11-20-2009, 09:43 AM
Hi guys,

i have a slight problem.

i am displaying data from a textbox and putting that variable in the database query the first time and the result is a radio group i get .

From there, i try to display another data whose variable is stored in a different db query but it doesnt take that variable.
if i replace the variable with a keyword ..it works..Please work.. i have highlighted the variable.


use CGI;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser);
use DBI;
use DBD::mysql;
print "Content-type: text/html\n\n";

print start_html();
print start_form( -name=>'search', -method=>'POST', -action=>'species_option.pl');
print p("Enter the first letter of the species");
print textfield(-type=>'text', -name=>'letter');

print submit();
print br();
print br();

my $driver='mysql';
my $database='hittesh';
my $letter=param('letter');

my $dsn="DBI:$driver:database=$database";
my $dbh = DBI->connect($dsn,"root" , );
$dbquery = qq(SELECT species_name FROM species_list where Alpha like '$letter') ;
$sth = $dbh->prepare($dbquery);

while (@row = $sth->fetchrow_array()) {
foreach $x (@row)

print radio_group(-name=>'species', -values=>$x);

print br();


print br();
print start_form(-name=>'list', -method=>'POST', -action=>'species_option.pl');
#print textfield(-type=>'text', -default=>$y);
print submit(-type=>'submit', -name=>'submit_data', -value=>'Get');
$dbq = qq(SELECT * FROM species_details where spec_name like '$y') ;

$sth1 = $dbh->prepare($dbq);


#while (@row = $sth->fetchrow_array()) {
# foreach $ab (@row)
# {
print br();
print table({-border=>'2'});

print caption,b(('Displaying data for:',$y));
print hr();
print br();
print TR([th(['Observer Name','Date & Time','Latitude','Longitude','Species','Number Of Species'])]);

while (my $hashref= $sth1->fetchrow_hashref()) {

print br();
print TR();
print td( " $hashref->{'obs_name'}\n");
print td( " $hashref->{'datetime'}\n");
print td( " $hashref->{'latitude'}\n");
print td( " $hashref->{'longitude'}\n");
print td( " $hashref->{'spec_name'}\n");
print td( " $hashref->{'no_of_spec'}\n");


print br();

11-20-2009, 12:33 PM
welcome to CF.

OK, you could make your queries like this

FROM species_details
where spec_name like '%${letter}%'

then make your execute statement like this


As you have it, I don't think you need the () after execute but placeholders, which is how I showed you above, is a better way, imv because it strips out special characters.

btw, I expect you used the * in your query for simplicity. in case you aren;t yet aware, you should select only the columns you need.