We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
6 days, 20 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
quoting a comma separated list
Posted on 2016-09-05
Hi
I have a comma separated list that has 1 or more elements
something like
when printed I need $list to look like this
eventually it will form part of a sql query thus
what is the quickest way of doing this?
I have a comma separated list that has 1 or more elements
something like
my $list = "One,Two,Three";
or
my $list = "One";
when printed I need $list to look like this
'One','Two','Three'
eventually it will form part of a sql query thus
my $sql = "select * from table where stuff IN ($list)"; ## only to illustrate
what is the quickest way of doing this?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
10
5-
3
- +1
20 Comments
Something like this:
my $list = "One,Two,Three";
my @list = split /,/, $list;
s/(.+)/"$1"/ foreach (@list);
my $formatted = join ',', @list;
Active today
Hi trevor,
How's this grab ya?:
my $list = "One,Two,Three";
($list = "'" . $list . "'") =~ s/,/','/g;
If you prefer dda's solution, I think you'll be wanting to change this line:
s/(.+)/"$1"/ foreach (@list);
to this:
s/(.+)/'$1'/ foreach (@list);
which could be abbreviated to this:
s/.+/'$&'/ for @list;
How's this grab ya?:
my $list = "One,Two,Three";
($list = "'" . $list . "'") =~ s/,/','/g;
If you prefer dda's solution, I think you'll be wanting to change this line:
s/(.+)/"$1"/ foreach (@list);
to this:
s/(.+)/'$1'/ foreach (@list);
which could be abbreviated to this:
s/.+/'$&'/ for @list;
Active 2 days ago
@tel2
I had thought of using substitution wasn't sure if this good practice?
having never seen $& I googled
This link suggests
In your example $& only exists in the for loop so I'm assuming it's OK?
dose this mean it's not local? ie not confined to inside A loop if or sub?
I had thought of using substitution wasn't sure if this good practice?
s/.+/'$&'/ for @list;
my $formatted = join ',', @list;
print "$formatted [$&] \n";
outputs
'One','Two','Three' []
having never seen $& I googled
This link suggests
Never use $&, except maybe when golfing, or on a one-liner where efficiency or good style is not an issue.
In your example $& only exists in the for loop so I'm assuming it's OK?
Usage of $& etc. imposes an overhead on all pattern matches globally. You don't want that.
dose this mean it's not local? ie not confined to inside A loop if or sub?
Active today
Hi trevor,
> "I had thought of using substitution wasn't sure if this good practice?"
I assume you're talking about the substitution in the code that you included above (i.e. dda's solution that I modified slightly), rather than the substitution in my own solution, are you?
Either way, sorry - I hadn't heard of that stuff about $&, and I don't know the answers to your questions, but thanks for telling me.
But yes, I expect $& is just not visible later because it's local to the for loop, as you suggest. Same problem occurs with $1. It is visible later if you do a substitution without a loop.
Just use this not quite so abbreviated version of that line, if you want to play safe:
s/(.+)/'$1'/ for @list;
But did you see my own solution, which is a single line of code which doesn't use arrays? It's at the top of my first post. Any concerns with that option?
> "I had thought of using substitution wasn't sure if this good practice?"
I assume you're talking about the substitution in the code that you included above (i.e. dda's solution that I modified slightly), rather than the substitution in my own solution, are you?
Either way, sorry - I hadn't heard of that stuff about $&, and I don't know the answers to your questions, but thanks for telling me.
But yes, I expect $& is just not visible later because it's local to the for loop, as you suggest. Same problem occurs with $1. It is visible later if you do a substitution without a loop.
Just use this not quite so abbreviated version of that line, if you want to play safe:
s/(.+)/'$1'/ for @list;
But did you see my own solution, which is a single line of code which doesn't use arrays? It's at the top of my first post. Any concerns with that option?
Active today
Why are you using a scalar to hold a coma separated list of values? You should be using an array.
The methods suggested so far will have problems if there are quotes already within the string. A better approach would be to use DBI's quote method.
An even better approach (to prevent sql injection) would be to use placeholders and pass the list in the execute statement instead of the prepare statement.
The methods suggested so far will have problems if there are quotes already within the string. A better approach would be to use DBI's quote method.
my $string = join q{,}, map $dbh->quote($_), @list;
my $string = join q{,}, map $dbh->quote($_), split /,/, $list;
An even better approach (to prevent sql injection) would be to use placeholders and pass the list in the execute statement instead of the prepare statement.
Active today
Fair points FishMonger. Depends on the source and possible content of the data.
Trevor,
I found this about $&:
Regarding the globalness of $& (and even $1), I think this code:
"Usage of $& etc. imposes an overhead on all pattern matches globally."
It sounds as if he's just referring to what is being said in the "WARNING" I pasted above.
Trevor,
I found this about $&:
"WARNING: If your code is to run on Perl 5.16 or earlier, beware that once Perl sees that you need one of $& , $` , or $' anywhere in the program, it has to provide them for every pattern match. This may substantially slow your program."The above and more info on that issue can be found here: http://perldoc.perl.org/perlre.html
Regarding the globalness of $& (and even $1), I think this code:
$var = "Outer";
$var =~ /.(.+)/;
print "1st=$1\nAll=$&\n";
{
$var = "Inner";
$var =~ /.(.+)/;
print "1st=$1\nAll=$&\n";
}
print "1st=$1\nAll=$&\n";
1st=uter
All=Outer
1st=nner
All=Inner
1st=uter
All=Outer
"Usage of $& etc. imposes an overhead on all pattern matches globally."
It sounds as if he's just referring to what is being said in the "WARNING" I pasted above.
Active today
I mentioned using placeholders and put the list in the execute statement but I didn't give the example code. Here it is:
use strict;
use warnings;
use DBI;
my $dbh = DBI->connect(....);
my $list = "One,Two,Three";
my @list = split /,/, $list;
my $sql = "select * from table where stuff IN ( join(',', ('?') x @list) )";
my $sth = $dbh->prepare($sql);
$sth->execute(@list);
Active today
Yes, FishMonger, if it's an environment that is prone to SQL injection.
But I don't think your line 8 is going to work. Have you tested it? Is this the kind of thing you meant?:
my $sql = 'select * from table where stuff IN (' . join(',', '?' x @list) . ')';
But I don't think your line 8 is going to work. Have you tested it? Is this the kind of thing you meant?:
my $sql = 'select * from table where stuff IN (' . join(',', '?' x @list) . ')';
Active today
You're right, I didn't test it. You're adjusted version is correct.
In production scripts I add additional vertical and horizontal whitespace to make it more readable and maintainable.
In production scripts I add additional vertical and horizontal whitespace to make it more readable and maintainable.
my $sql = "select *
from table
where stuff IN (" . join(',', ('?') x @list) . ")";
Active today
The parens are needed to put it into list context. Without them the where clause would be:
where stuff IN (???)
instead the required
where stuff IN (?,?,?)
If you want more readable, add a space to the join statement.
join(', ', ('?') x @list)
where stuff IN (???)
instead the required
where stuff IN (?,?,?)
If you want more readable, add a space to the join statement.
join(', ', ('?') x @list)
Active 2 days ago
@tel2
I wasn't actually I was referring to your simple solution
In the current context would probably be good enough as the list elements only consists of 3 figures from a know source so no possibility of SQL injection however I think fishmonger solution to use placeholders and pass the list in the execute statement is better practice I didn't know you could do that
Thanx for the info on the use of "$1" & "$&"
> "I had thought of using substitution wasn't sure if this good practice?"
I assume you're talking about the substitution in the code.............
I wasn't actually I was referring to your simple solution
my $list = "One,Two,Three";
($list = "'" . $list . "'") =~ s/,/','/g;
In the current context would probably be good enough as the list elements only consists of 3 figures from a know source so no possibility of SQL injection however I think fishmonger solution to use placeholders and pass the list in the execute statement is better practice I didn't know you could do that
Thanx for the info on the use of "$1" & "$&"
Active today
I guess it would be better practice, trevor, except in situations where you know your source data will never have the issues which require the extra complexity.
Active today
I wouldn't use the word "except". The approach I suggested IS the better practice in either case, but using the regex approach is acceptable if you know that the data will always be coming from a known/trusted source and format.
I have several scripts I wrote years ago where the input data was from and expected to always be from a trusted source so I used acceptable but not best practices when parsing that data. But over time things changed and after awhile the building of the input data was farmed out to a 3rd party and could no longer be trusted in the same way and I started to have random failures which took awhile to troubleshoot due to the data source assumption and acceptable but not best practice code.
I have several scripts I wrote years ago where the input data was from and expected to always be from a trusted source so I used acceptable but not best practices when parsing that data. But over time things changed and after awhile the building of the input data was farmed out to a 3rd party and could no longer be trusted in the same way and I started to have random failures which took awhile to troubleshoot due to the data source assumption and acceptable but not best practice code.
Active today
I used the word "except", in the context of my sentence, which included:
"...where you know your source data will never have the issues which require the extra complexity".
If you don't "know" it (which is more than just "expecting" it), then it might be best to go for the more complex option.
But if you do know it, or are happy with the risks, and you just want "the quickest way of doing this" (as was specified in the original post), then simpler options may be appropriate.
(I "know" that there are technically few things we can 100% "know" in this life, but let's just say I'm talking about knowing it beyond reasonable doubt, or to a level which is appropriate for the application.)
"...where you know your source data will never have the issues which require the extra complexity".
If you don't "know" it (which is more than just "expecting" it), then it might be best to go for the more complex option.
But if you do know it, or are happy with the risks, and you just want "the quickest way of doing this" (as was specified in the original post), then simpler options may be appropriate.
(I "know" that there are technically few things we can 100% "know" in this life, but let's just say I'm talking about knowing it beyond reasonable doubt, or to a level which is appropriate for the application.)
Featured Post
June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
There are many situations when we need to display the data in sorted order. For example: Student details by name or by rank or by total marks etc. If you are working on data driven based projects then you will use sorting techniques very frequently.…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions.
Consider email address RFCs:
Look at HTML5 form input element (with type=email) regex pattern:
T…
Suggested Courses
Course of the Month6 days, 20 hours left to enroll
726 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.