Re: [sqlite] concat 2 const chars ?

2010-07-09 Thread Martin Engelschalk
Hi,

i think you are asking a C question, and not an sql question.
Is your example C code? If this is the case, you should read up on C basics.
Feel free to contact me directly (also in German)

Martin

Am 09.07.2010 21:06, schrieb rollerueckwaerts:
> Hello,
> I try to get an sql query string from 2 const chars.
>
> const char *language;
> language = "'6'";
> const char *sql2 = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = ";  
>
> const char *sql = strcpy(sql2,language);
> // or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " + language;
> //or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = "&  language;
>
>
> nothing works :)
>
> How can i do this ?
>
> Hoping for help :)
> tobi
>
>


Fax: +49 (0) 3212 / 1001404
engelsch...@codeswift.com
www.codeswift.com / www.swiftcash.at

Codeswift Professional IT Services GmbH
Firmenbuch-Nr. FN 202820s
UID-Nr. ATU 50576309

___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users


Re: [sqlite] concat 2 const chars ?

2010-07-09 Thread Sam Carleton
I really don't mean to be a jerk, but this does seem to be really off
topic for this mailing list.  Isn't the concatination of two string a
general C/C++ question rather then a sqlite question?  Don't you think
you might be better off asking this question on a C/C++ mailing list
or forum, maybe somewhere like http://www.codeguru.com?

As to stay close to the topic [sqlite], aka that of general sql, I
would HIGHLY recommend looking at this link:
http://en.wikipedia.org/wiki/SQL_injection

And finally to stay on topic [sqlite], don't do what you are trying to
do, use a prepared statement and bind your variables to the prepared
statement to prevent sql injection.

Sam

On Fri, Jul 9, 2010 at 3:06 PM, rollerueckwaerts
 wrote:
>
> Hello,
> I try to get an sql query string from 2 const chars.
>
> const char *language;
> language = "'6'";
> const char *sql2 = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = ";
>
> const char *sql = strcpy(sql2,language);
> // or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " + language;
> //or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " & language;
>
>
> nothing works :)
>
> How can i do this ?
>
> Hoping for help :)
> tobi
>
> --
> View this message in context: 
> http://old.nabble.com/concat-2-const-chars---tp29121393p29121393.html
> Sent from the SQLite mailing list archive at Nabble.com.
>
> ___
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users


Re: [sqlite] concat 2 const chars ?

2010-07-09 Thread Adam DeVita
and don't use strcpy

here is why
https://buildsecurityin.us-cert.gov/bsi-rules/home/g1/848-BSI.html

On Fri, Jul 9, 2010 at 3:06 PM, rollerueckwaerts
wrote:

>
> Hello,
> I try to get an sql query string from 2 const chars.
>
> const char *language;
> language = "'6'";
> const char *sql2 = "SELECT key,name,text FROM uebersetzungen WHERE
> sprach_id
> = ";
>
> const char *sql = strcpy(sql2,language);
> // or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " + language;
> //or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " & language;
>
>
> nothing works :)
>
> How can i do this ?
>
> Hoping for help :)
> tobi
>
> --
> View this message in context:
> http://old.nabble.com/concat-2-const-chars---tp29121393p29121393.html
> Sent from the SQLite mailing list archive at Nabble.com.
>
> ___
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>



-- 
VerifEye Technologies Inc.
905-948-0015x245
7100 Warden Ave, Unit 3
Markham ON, L3R 8B5
Canada
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users


Re: [sqlite] concat 2 const chars ?

2010-07-09 Thread Adam DeVita
>From the point of view of a C question, make your array of characters large
enough to hold the characters you want (and terminating null) before copying
them in.

>From the point of view of an SQL: if you want to change the comparison
constant in a where clause, look up bind parameters.

read through
http://www.sqlite.org/c3ref/bind_blob.html

There are lots of examples on the list of binding.

regards,
Adam


On Fri, Jul 9, 2010 at 3:06 PM, rollerueckwaerts
wrote:

>
> Hello,
> I try to get an sql query string from 2 const chars.
>
> const char *language;
> language = "'6'";
> const char *sql2 = "SELECT key,name,text FROM uebersetzungen WHERE
> sprach_id
> = ";
>
> const char *sql = strcpy(sql2,language);
> // or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " + language;
> //or
> const char *sql = "SELECT key,name,text FROM uebersetzungen WHERE sprach_id
> = " & language;
>
>
> nothing works :)
>
> How can i do this ?
>
> Hoping for help :)
> tobi
>
> --
> View this message in context:
> http://old.nabble.com/concat-2-const-chars---tp29121393p29121393.html
> Sent from the SQLite mailing list archive at Nabble.com.
>
> ___
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>



-- 
VerifEye Technologies Inc.
905-948-0015x245
7100 Warden Ave, Unit 3
Markham ON, L3R 8B5
Canada
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users