|
|
Home » U++ Library support » U++ SQL » Issue with sql.execute(const String&)
|
Re: Issue with sql.execute(const String&) [message #28433 is a reply to message #28410] |
Wed, 01 September 2010 21:27 |
zsolt
Messages: 698 Registered: December 2005 Location: Budapest, Hungary
|
Contributor |
|
|
It is a better practice to use SqlExp, even if you don't have a schema file.
It is very easy to do SQL syntax errors if you don't use a helper like SqlExp
sql * Select(SqlAll())
.From(SqlId("codetechnic"))
.Where(SqlId("codefamille") == ~mydroplist1 && SqlId("product") == ~mydroplist2);
I didn't check if it is syntactically correct, but I hope so.
And this will guard you against sql-injection bugs.
[Updated on: Wed, 01 September 2010 21:29] Report message to a moderator
|
|
|
|
|
|
Goto Forum:
Current Time: Wed Jun 05 05:14:25 CEST 2024
Total time taken to generate the page: 0.02474 seconds
|
|
|