Swedish letters fuck up parsing into SQL querry

WebFreak001 d.forum at webfreak.org
Tue Mar 24 14:10:19 UTC 2020


On Tuesday, 24 March 2020 at 11:15:24 UTC, matheus wrote:
> On Monday, 23 March 2020 at 15:41:50 UTC, Adam D. Ruppe wrote:
>> On Monday, 23 March 2020 at 15:15:12 UTC, Anders S wrote:
>>> I'm creating a connection to the db and conn.exec(sql)
>>
>> It depends on the library but it is almost always easier to do 
>> it right than to do it the way you are.
>>
>> like with my lib it is
>>
>> db.query("update celldata set name = ?", new_name);
>
> I'm not the OP but I have a question, isn't this passive to SQL 
> injection too, or your LIB will handle this somehow?
>
> If is the later could you please point the code on GitHub?
>
> Matheus.

https://github.com/mysql-d/mysql-native/blob/8f9cb4cd9904ade43af006f96e5e03eebe7a7c19/source/mysql/protocol/comms.d#L494

it's builtin into mysql


More information about the Digitalmars-d-learn mailing list