sqlite_query($handle, "INSERT INTO course VALUES (?,?,?,?,?)", array($semester, $course, $course_desc, $college, $reference))
Jolan Luff wrote:
sqlite_query($db, "INSERT INTO whints (whid, whregex, " . "whcatid) VALUES (NULL, '" . sqlite_escape_string($val) . "', '" . sqlite_escape_string($_REQUEST["whcatid_new"]) . "')");
Extension writers, it is worth noting how this same binding operation is done in TCL:
db eval {INSERT INTO course VALUES($semester, $course, $course_desc, $college, $reference)}
"db" is the database connection object created by the sqlite3 command, of course. The variables we want to bind are written directly in the SQL and SQLite parses them as named parameters. The eval method of the database handle object scans the named parameters and binds in the values of corresponding local variables. Note how much cleaner and eaiser to read this statement is and how it makes the SQLite interface much closer to the underlying language. This is, I believe, a better way of doing binding than either the Perl or the PHP examples given above.
This kind of binding is implemented in the "eval" method using a simple loop like the following:
int nVar = sqlite3_bind_parameter_count(pStmt); for(i=1; i<=nVar; i++){ const char *zVar = sqlite3_bind_parameter_name(pStmt, i); /* Look up the TCL variable named by &zVar[1] and bind it ** as the i-th parameter. sqlite3_bind_int() or ** sqlite3_bind_double() or sqlite3_bind_text() or ** sqlite3_bind_blob() might be used, depending on ** how the value is stored internally */ }
Perhaps now you better understand the purpose of the "$alpha" named parameters in the parser! Note that you do not have to use the $alpha named parameter syntax. :alpha works just as well:
db eval {INSERT INTO course VALUES(:semester, :course, :course_desc, :college, :reference)}
The use of $alpha would seem to work best for Perl and PHP but perhaps :alpha would work better in Python. I will not venture to choose. But I do want to encourage extension writers to make this kind of binding mechanism available to their users. In my experience, it makes programming with SQLite much easier, faster, and less error-prone.
-- D. Richard Hipp -- [EMAIL PROTECTED] -- 704.948.4565