Hi- I hope this doesn't sound like criticism of the efforts so far; I think Koha is excellent work. However, I'm wondering about the DBI usage in the code. It appears that everything I've read on DBI says not to put variables into the SQL statement but to use placeholder parameters instead. For example, right now everything looks something like this: my $q_value=$dbh->quote($value); my $sth=$dbh->prepare("select my_field from my_table where my_criteria=$q_value"); $sth->execute; Whereas what I've read on the subject says it should be done like: my $sth=$dbh->prepare("select my_field from my_table where my_criteria=?"); $sth->execute($value); This doesn't require double the variables for all the quoting, and in a loop the prepare only has to be done once. I'm especially confused about things I see in the code like: $biblioitem->{'volume'} = $dbh->quote($biblioitem->{'volume'}); I think I'd be confused in keeping track of which things you have or haven't quoted already. I'd like to contribute to the project, and I'm happy to clean up things like this as I come across them. I'm wondering if there is a particular reason it's being done the way it is, or did it "just happen" this way? Thanks! - Alan -- ---- Alan Millar --==> am12@bolis.com <==--