Mark Anderson wrote:
The following code seems to cause the 'template' table to become
locked.
CString querystr;
querystr.Format ("insert into templates values (NULL, '%s', '%s',
'%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
OurSKU, Description, VendorSKU, PackType, UnitsPerPack, Length,
Width, Height, WeightGross, WeightNet, UnitPrice, LabelsFlag,
WarrantyFlag);
This approach is rather risky, subject to SQL injection attack. Even if
nothing malicious is involved, consider what happens if one of the
strings, e.g. Description, happens to contain an apostrophe.
Use sqlite3_mprintf, or better yet, parameterized query (see
sqlite3_prepare, sqlite3_bind_*)
i = querystr.GetLength();
querystr2 = (char *) malloc (i);
querystr2 = querystr.GetBuffer (i);
sqlite3_exec (db, querystr2, NULL, 0, NULL);
You are leaking memory here. You don't need malloc nor GetBuffer - just
do
sqlite3_exec(db, querystr, NULL, 0, NULL);
The sqlite3_exec() call returns with a value of 5 (SQLITE_BUSY).
SQLITE_BUSY means that some other process or thread is already running a
query against the same database. Look at sqlite_busy_handler and
sqlite_busy_timeout.
Igor Tandetnik
