I defined in main() my char intype[]="chattinges";
and call the insert_in_db with insert_in_db(intype, 7);
but in the db is written only chat instead of chattings.
Where is the problem ?
void insert_in_db(char const *eventtype, int zaehler) {
int rc;
char *exec_errmsg;
const char dbname[] = "ah.db";
sqlite3 *db = NULL;
rc = sqlite3_open(dbname, &db);
if(SQLITE_OK != rc) {
fprintf(stderr, "Can't open database %s (%i): %s\n", dbname,
rc, sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
}
const char insert_sql[] = "INSERT INTO eventlog (eventtype,
counter) VALUES (?,?)";
sqlite3_stmt *insert_stmt = NULL;
rc = sqlite3_prepare_v2(db, insert_sql, -1, &insert_stmt, NULL);
if(SQLITE_OK != rc) {
fprintf(stderr, "Can't prepare insert statment %s (%i): %s\n",
insert_sql, rc, sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
}
char injectionattack[] = "contering";
// The NULL is "Don't attempt to free() the value when it's bound",
since it's on the stack here
//rc = sqlite3_bind_text(insert_stmt, 1, injectionattack,
sizeof(injectionattack), NULL);
rc = sqlite3_bind_text(insert_stmt, 1, eventtype,
sizeof(eventtype), NULL);
if(SQLITE_OK != rc) {
fprintf(stderr, "Error binding value in insert (%i): %s\n", rc,
sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
} else {
printf("Successfully bound string for insert: '%s'\n", eventtype);
}
//double realvalue = 3.14159;
//int realvalue = 3;
//rc = sqlite3_bind_double(insert_stmt, 2, realvalue);
rc = sqlite3_bind_int(insert_stmt, 2, zaehler);
if(SQLITE_OK != rc) {
fprintf(stderr, "Error binding value in insert (%i): %s\n", rc,
sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
} else {
printf("Successfully bound real for insert: %d\n", zaehler);
}
rc = sqlite3_step(insert_stmt);
if(SQLITE_DONE != rc) {
fprintf(stderr, "insert statement didn't return DONE (%i):
%s\n", rc, sqlite3_errmsg(db));
} else {
printf("INSERT completed\n\n");
}
sqlite3_finalize(insert_stmt);
sqlite3_close(db);
};
int main() {
char intype[]="chattinges";
cout << endl;
// Create an in-memory database
//const char dbname[] = ":memory:";
const char dbname[] = "ah.db";
// Actual database handle
sqlite3 *db = NULL;
// Database commands
const char create_sql[] = "CREATE TABLE eventlog ("
"id INTEGER PRIMARY KEY,"
"eventdate datetime default current_timestamp"
"eventtype TEXT,"
"counter INTEGER"
")";
// SQLite return value
int rc;
// Open the database
rc = sqlite3_open(dbname, &db);
if(SQLITE_OK != rc) {
fprintf(stderr, "Can't open database %s (%i): %s\n", dbname,
rc, sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
}
// SQLite exec returns errors with this
char *exec_errmsg;
// Use exec to run simple statements that can only fail/succeed
rc = sqlite3_exec(db, create_sql, NULL, NULL, &exec_errmsg);
if(SQLITE_OK != rc) {
fprintf(stderr, "Error creating table (%i): %s\n", rc,
exec_errmsg);
sqlite3_free(exec_errmsg);
sqlite3_close(db);
//exit(1);
}
sqlite3_close(db);
insert_in_db(intype, 7);
exit(0);
sqlite3_close(db);
return 0;
}
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
