- my $updquery = "update reserves
- set found = 'W',itemnumber='$itemno'
- where borrowernumber = $resrec->{'borrowernumber'}
- and reservedate = '$resrec->{'reservedate'}'
- and biblionumber = $resrec->{'biblionumber'}";
- my $updsth = $dbh->prepare($updquery);
- $updsth->execute;
+ my $updsth = $dbh->prepare("update reserves
+ set found = 'W',itemnumber = ?
+ where borrowernumber = ?
+ and reservedate = ?
+ and biblionumber = ?");
+ $updsth->execute($itemno,$resrec->{'borrowernumber'},$resrec->{'reservedate'},$resrec->{'biblionumber'});