string query_string = (`SELECT user, password FROM
otest.myusers where
user LIKE ` ~ `'%` ~ request["username"].to!string ~ `%';`);
Don't piece queries together without escaping the dynamic
parts. Imagine what happens when the user enters an apostrophe
in the username field.
Do you mean to wrap:
request["username"].to!string
in quotes?
Also, are you using LIKE when authenticating the user? O_O
Yes, my issue :)
How I can check if SQL request returned empty result?
When the result is empty, then rs.next() returns false on the
first call, I presume.
SO I can wrap it in `if`? Like: `if(rs.next())` ?
