Home » U++ Library support » U++ SQL » Issue with sql.execute(const String&)
| Re: Issue with sql.execute(const String&) [message #28433 is a reply to message #28410] |
Wed, 01 September 2010 21:27   |
zsolt
Messages: 698
Registered: December 2005
Location: Budapest, Hungary
|
Contributor |
|
|
It is a better practice to use SqlExp, even if you don't have a schema file.
It is very easy to do SQL syntax errors if you don't use a helper like SqlExp
sql * Select(SqlAll())
.From(SqlId("codetechnic"))
.Where(SqlId("codefamille") == ~mydroplist1 && SqlId("product") == ~mydroplist2);
I didn't check if it is syntactically correct, but I hope so.
And this will guard you against sql-injection bugs.
[Updated on: Wed, 01 September 2010 21:29] Report message to a moderator |
|
|
|
Current Time: Tue Jun 11 00:27:48 CEST 2024
Total time taken to generate the page: 0.01401 seconds
|
Members
Pages
Help
Register
Login
Home
