How to check if result of request to DB is empty?
anonymous via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Sat Dec 12 05:18:12 PST 2015
On 12.12.2015 08:44, Suliman wrote:
>>> string query_string = (`SELECT user, password FROM otest.myusers where
>>> user LIKE ` ~ `'%` ~ request["username"].to!string ~ `%';`);
>>
>> Don't piece queries together without escaping the dynamic parts.
>> Imagine what happens when the user enters an apostrophe in the
>> username field.
>
> Do you mean to wrap:
> request["username"].to!string
> in quotes?
no
More information about the Digitalmars-d-learn
mailing list