Notice: Any messages purporting to come from this site telling you that your password has expired, or that you need to verify your details, confirm your email, resolve issues, making threats, or asking for money, are
spam. We do not email users with any such messages. If you have lost your password you can obtain a new one by using the
password reset link.
Due to spam on this forum, all posts now need moderator approval.
Entire forum
➜ MUSHclient
➜ Bug reports
➜ bind Parameters for sqlite-prepared statements.
|
bind Parameters for sqlite-prepared statements.
|
It is now over 60 days since the last post. This thread is closed.
Refresh page
| Posted by
| Myonara
(3 posts) Bio
|
| Date
| Thu 08 Feb 2018 06:33 AM (UTC) |
| Message
| It seems, that the prepared statements in the MushClient
interface doesn't support the binding of parameters,
however the DatabasePrepare understands the ? or ?1 syntax.
Here is what I've tried:
DatabaseExec("db",[[
CREATE TABLE IF NOT EXISTS soundcache (
filename TEXT PRIMARY KEY, -- access path
ISOtime TEXT, -- time format for If-Modified-Since
wav BLOB ) -- the content.
]] )
rc = DatabasePrepare ("db",
"INSERT OR REPLACE INTO soundcache (filename,ISOtime,wav) "..
"VALUES (?,?,?)") --> returns 0 (sqlite3.OK)
Note ("1="..rc)
rc = DatabaseStep ("db",filename,isotime,body) -- returns 101 (sqlite3.DONE)
Note ("2="..rc)
rc = DatabaseFinalize ("db") -- returns 0 (sqlite3.OK)
Note ("3="..rc)
What I've expected from other sqlite interfaces, that DatabaseStep binds the extra parameters to ?-list of parameters.
If a dynamic parameter list is not possible to all supported script engine, I propose a new function DatabaseBind("db",1,data) to assign the first ?-occurrence the field-Data and so on prior to the DatabaseStep.
The big advantage of prepared statements with bound parameters they are type safe and the measure against sql injection.
The above example is working fine, but it just inserts an empty line instead of the real data. | | Top |
|
| Posted by
| Nick Gammon
Australia (23,169 posts) Bio
Forum Administrator |
| Date
| Reply #1 on Thu 08 Feb 2018 06:48 AM (UTC) Amended on Thu 08 Feb 2018 06:49 AM (UTC) by Nick Gammon
|
| Message
| |
| Posted by
| Myonara
(3 posts) Bio
|
| Date
| Reply #2 on Thu 08 Feb 2018 06:42 PM (UTC) Amended on Thu 08 Feb 2018 07:38 PM (UTC) by Myonara
|
| Message
| I followed your advice, and after fixing some issues with the http headers here is the corrected insertion code:
stat = localDB:prepare(
"INSERT OR REPLACE INTO soundcache (filename,ISOtime,wav) "
.. "VALUES (?,?,?)")
stat:bind(1,filename)
stat:bind(2,isotime)
stat:bind_blob(3,body)
rc = stat:step()
if rc == sqlite3.DONE then
stat:finalize()
localDB:close() -- close it
else
--error handling and others
end -- if
Once I have this sound caching mechanism up and running, I will publish it on github. | | Top |
|
The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).
To show them in your local time you can join the forum, and then set the 'time correction' field in your profile to the number of hours difference between your location and UTC time.
13,935 views.
It is now over 60 days since the last post. This thread is closed.
Refresh page
![[Go to top]](/images/gototop.gif)
top