Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

Untitled

By: a guest on Aug 12th, 2012  |  syntax: None  |  size: 2.06 KB  |  hits: 9  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. C SQL Query building made easy
  2. GString *acc_protocol = g_string_new(acc->prpl->name);
  3. GString *acc_handle = g_string_new(acc->user);
  4. GString *acc_password = g_string_new(acc->pass);
  5. GString *acc_tag = g_string_new(acc->tag);
  6. g_string_printf(q, "INSERT INTO accounts (user, protocol, handle, password, autoconnect, tag) values (%ld, ", user_id);
  7. g_string_append(q,"'");
  8. append_mysql_escaped_param(q, buf, acc_protocol);
  9. g_string_append(q,"', '");
  10. append_mysql_escaped_param(q, buf, acc_handle);
  11. g_string_append(q,"', '");
  12. append_mysql_escaped_param(q, buf, acc_password);
  13. g_string_append(q,"', '");
  14. g_string_append(q, atoi(acc->auto_connect));
  15. g_string_append(q,"', '");
  16. append_mysql_escaped_param(q, buf, acc_tag);
  17. g_string_append(q,"') on duplicate key UPDATE password='");
  18. append_mysql_escaped_param(q, buf, acc_password);
  19. g_string_append(q,"', autoconnect='");
  20. g_string_append(q, atoi(acc->auto_connect));
  21. g_string_append(q,"', tag='");
  22. append_mysql_escaped_param(q, buf, acc_tag);
  23. g_string_append(q,"'");
  24.  
  25. g_string_free(acc_handle);
  26. g_string_free(acc_password);
  27. g_string_free(acc_protocol);
  28. g_string_free(acc_tag);
  29.  
  30. mysql_real_query(mysql);
  31.     num_rows =  mysql_affected_rows(mysql);
  32.     ....
  33. /// .... mysql processing here ...
  34.        
  35. static void append_mysql_escaped_param(GString *query, GString *buffer, GString *param){
  36.     g_string_set_size(buffer, param->len*2+1);
  37.     mysql_real_escape_string(mysql, buffer->str, param->str, param->len);
  38.     g_string_append(query, buffer->str);
  39. }
  40.        
  41. char querystring[]="INSERT INTO accounts (user, protocol, handle, password, autoconnect, tag) values ({param_user_id}, {param_protocol}, {param_handle}, {param_password}, {param_autoconnect}, {param_tag});"
  42. parameterizeQuery(querystring, "user_id", user_id);
  43. parameterizeQuery(querystring, "protocol", acc_protocol);
  44. //do this for all remaining fields
  45. g_string_printf(q, querystring);
  46.        
  47. void parameterizeQuery(char stringofquery[], char parameterstring[], char parametervalue[])
  48. {
  49.     //PSEUDO-CODE: stringofquery.str_replace("{param_"+parameterstring+"}", g_string_mysql_escape_param(parametervalue));
  50. }
create a new version of this paste RAW Paste Data