* :VVV
* @VVV
* $VVV
Are above bindings the same? (Just different prefix to VVV)?
Thank you,
Samuel
________________________________
From: Pavel Ivanov <[email protected]>
To: General Discussion of SQLite Database <[email protected]>
Sent: Wed, March 24, 2010 2:16:34 PM
Subject: Re: [sqlite] Question about binding
> Is there documentation that talks about about the various binding place
> holders or is this a standard SQL construct?
Probably this will help you: http://www.sqlite.org/c3ref/bind_blob.html.
Pavel
On Tue, Mar 23, 2010 at 3:48 PM, Vance E. Neff <[email protected]> wrote:
> Thanks to all those who responded! It was quite educational.
> I'm using the zentus java jdbc wrapper. It seems to only support an
> index # for the binding index so I'm stuck with being careful as to how
> I count ?s.
> Is there documentation that talks about about the various binding place
> holders or is this a standard SQL construct?
>
> Vance
>
> D. Richard Hipp wrote:
>> On Mar 19, 2010, at 3:29 PM, David Bicking wrote:
>>
>>>
>>> --- On Fri, 3/19/10, Vance E. Neff <[email protected]> wrote:
>>>
>>> <snip>
>>>> UPDATE table1 set (?, ?, ?) WHERE col1=? and col2=?;
>>>>
>>>> I've never used binding before but have known it is a good
>>>> idea in order
>>>> to avoid injection of bad stuff.
>>>>
>>>> Vance
>>>>
>>> You count the question marks from left to right.
>>>
>>>> UPDATE table1 set (<1>, <2>, <3>) WHERE col1=<4> and col2=<5>;
>>> You can also put the index number you want to use after the ? so
>>> they can be in any order you want.
>>
>> Better still is to use a symbolic name for the parameters. The
>> symbolic names can be any identifier that begins with $, :, or @.
>> Examples:
>>
>> UPDATE table1 SET col1=$c1val, co...@c2val, col3=:c3val
>> WHERE co...@c2val AND col3=:c3val;
>>
>> You still have to translate the symbolic name into a "parameter index"
>> before you bind it. The sqlite3_bind_parameter_index() routine will
>> do that for you.
>>
>> In the programs I write, I always try to use symbolic names for
>> parameters and I rig the infrastructure to handle the mapping from
>> symbolic name to parameter index. For example, if you are using the
>> TCL interface to SQLite, you just specify TCL variables embedded in
>> the SQL:
>>
>> db eval {UPDATE table1 SET col1=$c1val WHERE col2=$c2val}
>>
>> In the statement above, the TCL interface automatically looks up the
>> values of TCL variables $c1val and $c2val and binds them appropriately
>> before running the statement. It doesn't get any cleaner than this.
>> Unfortunately, other programming languages require more complex
>> syntax. In the implementation of "Fossil" I do this:
>>
>> db_prepare(&stmt, "UPDATE table1 SET col1=$c1val WHERE col2=
>> $c2val");
>> db_bind_int(&stmt, "$c1val", 123);
>> db_bind_double(&stmt, "$c2val, 456.78);
>> db_step(&stmt);
>> db_finalize(&stmt);
>>
>> The db_bind_int() and db_bind_double() and similar routines wrap the
>> sqlite3_bind_xxxxx() and sqlite3_bind_parameter_index() calls.
>>
>> If we've learned one thing over the history of computing it is that
>> programmers are notoriously bad at counting parameters and that
>> symbolic names tend to be much better at avoiding bugs.
>>
>> D. Richard Hipp
>> [email protected]
>>
>>
>>
>> _______________________________________________
>> sqlite-users mailing list
>> [email protected]
>> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>>
>>
>
> _______________________________________________
> sqlite-users mailing list
> [email protected]
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
__________________________________________________________________
Connect with friends from any web browser - no download required. Try the new
Yahoo! Canada Messenger for the Web BETA at
http://ca.messenger.yahoo.com/webmessengerpromo.php
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
