Hello Lloyd,
I gave you the answer, you just don't want to use it. Generating SQL
this way is painful, messy and error prone. SQLite already has a far
better mechanism for doing it using late binding of the parameters.
How about learning the right way to do this?
I'll give you a hint though
sql += "','";
sql += "details.statime";
sql += "','";
...
should work
You could do it with sprintf too and/or some IO stream thing but, I
never use them.
Conrad
Saturday, September 9, 2006, 9:41:01 PM, you wrote:
LT> if I could somehow create the following string as a char i cpuld probably
LT> get the code to work.
LT> sql = "insert into call_data (direction, call_time, dest,
LT> trunk_no, file_name)values('";
LT> sql += details.inout;
LT> sql += "','";
LT> sql += details.statime;
LT> sql += "','";
LT> sql += details.cidn;
LT> sql += "'";
LT> sql +=details.channel;
LT> sql += "','";
LT> sql += details.filename;
LT> sql += "')";
LT> I am getting stuck adding exist chars to the sql char
LT> defined chars
LT> ^ ^
LT> sql = "insert into call_data(direction,
LT> call_time)values('details.inout','details.statime)"
LT> Do you have any ideas?
LT> Lloydie T
LT> ----- Original Message -----
LT> From: "Teg" <[EMAIL PROTECTED]>
LT> To: "Lloyd Thomas" <sqlite-users@sqlite.org>
LT> Sent: Sunday, September 10, 2006 12:47 AM
LT> Subject: Re[2]: [sqlite] A lillte help adding sqlite to a c program
>> Hello Lloyd,
>>
>> You need to escape the quotes. Remember in C and C++ " means the
>> beginning or end of a literal string so, when you want to embed quotes
>> in a string you have to escape them. Probaby \".
>>
>> You'd be better off using the paramaterized version of the SQL
>>
>> std::string sql = "insert into call_data (direction, call_time, dest,
>> trunk_no,
>> file_name)values(?,?,?,?,?);";
>>
>> Then bind the actual parameters after the fact.
>>
>> C
>>
>>
>> Saturday, September 9, 2006, 7:02:43 PM, you wrote:
>>
>> LT> Jay, Thanks for your reply.
>> LT> I gave it a try with and got a few errors. as follows
>> LT> ---------------------------------------------------------------
>> LT> logger.cpp:609: error: invalid operands of types `const char[80]' and
>> LT> `char[4]' to binary `operator+'
>> LT> logger.cpp:615: error: `t' was not declared in this scope
>> LT> logger.cpp:615: warning: unused variable 't'
>> LT> logger.cpp:634: error: jump to case label
>> LT> logger.cpp:631: error: crosses initialization of `std::string test2'
>> LT> logger.cpp:628: error: crosses initialization of `std::string test1'
>> LT> logger.cpp:637: error: jump to case label
>> LT> logger.cpp:631: error: crosses initialization of `std::string test2'
>> LT> logger.cpp:628: error: crosses initialization of `std::string test1'
>> LT> logger.cpp:638: error: jump to case label
>> LT> logger.cpp:631: error: crosses initialization of `std::string test2'
>> LT> logger.cpp:628: error: crosses initialization of `std::string test1'
>> LT> logger.cpp:639: error: jump to case label
>> LT> logger.cpp:631: error: crosses initialization of `std::string test2'
>> LT> logger.cpp:628: error: crosses initialization of `std::string test1'
>> LT> logger.cpp:641: error: `t' was not declared in this scope
>> LT> logger.cpp:641: warning: unused variable 't'
>> LT> logger.cpp:664: error: jump to case label
>> LT> logger.cpp:621: error: crosses initialization of `bool Loop'
>> LT> logger.cpp:634: warning: destructor needed for `test2'
>> LT> logger.cpp:634: warning: where case label appears here
>> LT> logger.cpp:634: warning: (enclose actions of previous case statements
>> LT> requiring destructors in their own scope.)
>> LT> logger.cpp:637: warning: destructor needed for `test2'
>> LT> logger.cpp:637: warning: where case label appears here
>> LT> logger.cpp:638: warning: destructor needed for `test2'
>> LT> logger.cpp:638: warning: where case label appears here
>> LT> logger.cpp:639: warning: destructor needed for `test2'
>> LT> logger.cpp:639: warning: where case label appears here
>> LT> make: *** [logger.o] Error 1
>> LT> ------------------------------------------------------
>> LT> line 609 =
>> LT> sql = "insert into call_data (direction, call_time, dest, trunk_no,
>> LT>
>> file_name)values('"+details.inout+"','"+details.statime+"','"+details.cidn+"'"+details.channel+"','"+details.filename+"')";
>>
>>
>>
>>
>>
>>
>> LT> ----- Original Message -----
>> LT> From: "Jay Sprenkle" <[EMAIL PROTECTED]>
>> LT> To: <sqlite-users@sqlite.org>
>> LT> Sent: Saturday, September 09, 2006 11:16 PM
>> LT> Subject: Re: [sqlite] A lillte help adding sqlite to a c program
>>
>>
>>>> On 9/9/06, Lloyd Thomas <[EMAIL PROTECTED]> wrote:
>>>>> I know nothing of C++ and therefore need a lilte help editing a C++ app
>>>>> to
>>>>> insert some records into a database.
>>>>
>>>> here's an example to read from a database.
>>>> If you build the sql like you're doing and you use it on the web you
>>>> leave yourself
>>>> open to sql injection attacks. Using the bind() method eliminates that
>>>> vulnerability.
>>>> Something to consider.
>>>>
>>>> Jay
>>>>
>>>>
>>>> Here's some example code:
>>>>
>>>> sqlite3* db;
>>>>
>>>> // connect to database
>>>> if ( sqlite3_open( "test.db", &db ) )
>>>> throw "Can't open database";
>>>>
>>>> char* sql;
>>>>
>>>> sql = "SELECT one.test1, two.test2"
>>>> " FROM one"
>>>> " INNER JOIN two ON one.id = two.id"
>>>> ;
>>>> sqlite3_stmt* pStmt;
>>>>
>>>> if ( sqlite3_prepare( db, sql, strlen(sql), &pStmt, NULL ) !=
>>>> SQLITE_OK )
>>>> {
>>>> string str = "Cannot prepare sql: ";
>>>> str += sql[t];
>>>> str += ", Error: ";
>>>> str += sqlite3_errmsg(db);
>>>> throw str.c_str();
>>>> }
>>>>
>>>> bool Loop = true;
>>>> while ( Loop )
>>>> switch ( sqlite3_step( pStmt ) )
>>>> {
>>>> case SQLITE_ROW:
>>>> // retrieve the results
>>>> char* p = (char *) sqlite3_column_text( pStmt, 0 );
>>>> string test1 = string( p ? p : "" );
>>>>
>>>> p = (char *) sqlite3_column_text( pStmt, 1 );
>>>> string test2 = string( p ? p : "" );
>>>>
>>>> break;
>>>> case SQLITE_DONE:
>>>> Loop = false;
>>>> break;
>>>> case SQLITE_BUSY:
>>>> case SQLITE_LOCKED:
>>>> default:
>>>> string str = "Cannot execute sql: ";
>>>> str += sql[t];
>>>> str += ", Error: ";
>>>> str += sqlite3_errmsg(db);
>>>> throw str.c_str();
>>>> break;
>>>> }
>>>>
>>>> // clean up when finished
>>>> sqlite3_finalize( pStmt );
>>>>
>>>> sqlite3_close( db );
>>>>
>>>>
>>>>
>>>> --
>>>> SqliteImporter and SqliteReplicator: Command line utilities for Sqlite
>>>> http://www.reddawn.net/~jsprenkl/Sqlite
>>>>
>>>> Cthulhu Bucks!
>>>> http://www.cthulhubucks.com
>>>>
>>>> -----------------------------------------------------------------------------
>>>> To unsubscribe, send email to [EMAIL PROTECTED]
>>>> -----------------------------------------------------------------------------
>>>>
>>
>>
>> LT>
>> -----------------------------------------------------------------------------
>> LT> To unsubscribe, send email to
>> [EMAIL PROTECTED]
>> LT>
>> -----------------------------------------------------------------------------
>>
>>
>>
>>
>> --
>> Best regards,
>> Teg mailto:[EMAIL PROTECTED]
>>
>>
>> -----------------------------------------------------------------------------
>> To unsubscribe, send email to [EMAIL PROTECTED]
>> -----------------------------------------------------------------------------
>>
LT>
-----------------------------------------------------------------------------
LT> To unsubscribe, send email to [EMAIL PROTECTED]
LT>
-----------------------------------------------------------------------------
--
Best regards,
Teg mailto:[EMAIL PROTECTED]
-----------------------------------------------------------------------------
To unsubscribe, send email to [EMAIL PROTECTED]
-----------------------------------------------------------------------------
