
Expanded example a little bit.

1 parent 31fb3fe commit f6a8435bd66ddeb551eacd3ca5e87cadf4e867c8 @bradenmacdonald bradenmacdonald committed Aug 25, 2011
Showing with 11 additions and 3 deletions.
  1. +11 −3 example/demo.cpp
@@ -109,9 +109,17 @@ int main(int argc, char** argv) {
db.sqlExec("update employee set name = 'Christiano Ronaldo' where id = 5;");
output("Updated %d rows. ", db.numberOfRowsChanged());
- output("Deleting both rows...");
- db.sqlExec("delete from employee where 1;");
+ // Example of avoiding SQL injection, and inserting NULL values, both with %Q:
+ output("Inserting more rows...");
+ db.sqlExec("INSERT INTO employee VALUES (%d, %Q);", 8, "Jack O'Flanagan");
+ db.sqlExec("INSERT INTO employee VALUES (%d, %Q);", 9, NULL);
+ db.sqlExec("INSERT INTO employee VALUES (10, '%q');", "Peter O'Flanagan");
+ db.sqlExec("INSERT INTO employee VALUES (11, %Q);", "Linda O'Flanagan");
+
+ output("Deleting two rows...");
+ db.sqlExec("delete from employee where id = 5 or id = 7;");
output("Deleted %d rows. ", db.numberOfRowsChanged());
+ output("%d rows remain.", db.getScalar("select count(*) from employee;"));
////////////////////////////////////////////////////////////////////////////////
// Transaction tests - compare speed of various different methods
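Review bot: The bare `NULL` passed for `%Q` in the id-9 insert goes through a variadic call, where it may be an integer constant rather than a pointer, so on targets where `int` and pointers differ in size the formatter reads a malformed argument; write `db.sqlExec("INSERT INTO employee VALUES (%d, %Q);", 9, (const char*)NULL);`. The comment above the inserts names only `%Q`, yet the id-10 line relies on `'%q'` with hand-written quotes; it should say that `%q` only doubles embedded single quotes and needs the surrounding `'...'`, that `%Q` adds the quotes itself and emits NULL for a null pointer, and that plain `%s` gives no protection. Assuming sqlExec forwards to SQLite's printf-style formatter (not visible here), this escaping is still weaker than bound parameters on a prepared statement, which an example about avoiding SQL injection could mention. main's body starts and ends outside the hunk.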
@@ -175,7 +183,7 @@ int main(int argc, char** argv) {
time_taken = (int)(s3eTimerGetMs() - time_start);
{
- row_count = db.getScalar("select count(*) from employee;", 7);
+ row_count = db.getScalar("select count(*) from employee;");
output(" -> Took %d msec to insert %d rows into employee table", time_taken, row_count);
if (row_count != nRowsToCreate) {
output("Failed!");
