Thanks for the reply, Darren. No need for parameters here. There's no risk of SQL injection attacks and speed is not a concern.
Thanks again, -- Bill Drago Senior Engineer L3 Communications / Narda Microwave East 435 Moreland Road Hauppauge, NY 11788 631-272-5947 / william.dr...@l-3com.com > -----Original Message----- > From: sqlite-users-boun...@sqlite.org [mailto:sqlite-users- > boun...@sqlite.org] On Behalf Of Darren Duncan > Sent: Tuesday, November 04, 2014 4:59 PM > To: General Discussion of SQLite Database > Subject: Re: [sqlite] How to check if a record exists > > If all you want to know is whether a record matching a particular field > value exists, then what you did is appropriate. The EXISTS construct > is generally for filtering one table with another. That being said, > you should be using bind parameters rather than stitching id into the > SQL string itself, as that practice generally leads to huge security > problems / SQL injection (although if your language is strongly typed > an int wouldn't do it, but a string would). -- Darren Duncan > > On 2014-11-04 1:47 PM, Drago, William @ CSG - NARDAEAST wrote: > > All, > > > > I've been pulling my hair out trying to figure how to use EXISTS. > I've had no luck with it (syntax errors) and I've resorted to this. Is > there a better/recommended way in SQLite to check if a record exists? > > > > > > static bool IDisDuplicate(string dbFileName, int id) > > { > > int count; > > string connectionString = String.Format("Data > Source={0}", dbFileName); > > using (SQLiteConnection connection = new > SQLiteConnection(connectionString)) > > { > > using (SQLiteCommand command = > connection.CreateCommand()) > > { > > connection.Open(); > > command.CommandText = > > "SELECT count(1) DatasetID FROM UUT_Info > where DatasetID = " + id + ";"; > > count = > Convert.ToInt32(command.ExecuteScalar()); > > } > > } > > > > if (count > 0) > > { > > return true; > > } > > else > > { > > return false; > > } > > } > > > > > > Thanks, > > -- > > Bill Drago > > Senior Engineer > > L3 Communications / Narda Microwave > > East<http://www.nardamicrowave.com/> > > 435 Moreland Road > > Hauppauge, NY 11788 > > 631-272-5947 / > > william.dr...@l-3com.com<mailto:william.dr...@l-3com.com> > > > > > > CONFIDENTIALITY, EXPORT CONTROL AND DISCLAIMER NOTE:This e-mail and > any attachments are solely for the use of the addressee and may contain > information that is privileged or confidential. Any disclosure, use or > distribution of the information contained herein is prohibited. In the > event this e-mail contains technical data within the definition of the > International Traffic in Arms Regulations or Export Administration > Regulations, it is subject to the export control laws of the > U.S.Government. The recipient should check this e-mail and any > attachments for the presence of viruses as L-3 does not accept any > liability associated with the transmission of this e-mail. If you have > received this communication in error, please notify the sender by reply > e-mail and immediately delete this message and any attachments. > > _______________________________________________ > > sqlite-users mailing list > > sqlite-users@sqlite.org > > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > > > > _______________________________________________ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users CONFIDENTIALITY, EXPORT CONTROL AND DISCLAIMER NOTE:This e-mail and any attachments are solely for the use of the addressee and may contain information that is privileged or confidential. Any disclosure, use or distribution of the information contained herein is prohibited. In the event this e-mail contains technical data within the definition of the International Traffic in Arms Regulations or Export Administration Regulations, it is subject to the export control laws of the U.S.Government. The recipient should check this e-mail and any attachments for the presence of viruses as L-3 does not accept any liability associated with the transmission of this e-mail. If you have received this communication in error, please notify the sender by reply e-mail and immediately delete this message and any attachments. _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
