On 12.12.2015 08:44, Suliman wrote:
string query_string = (`SELECT user, password FROM otest.myusers where user LIKE ` ~ `'%` ~ request["username"].to!string ~ `%';`);Don't piece queries together without escaping the dynamic parts. Imagine what happens when the user enters an apostrophe in the username field.Do you mean to wrap: request["username"].to!string in quotes?
no