Re: [gnome-db] API Break Request for gda_insert_row_into_table

2008/12/23 Vivien Malerba <vmalerba gmail com>

2008/12/21 Daniel Espinosa <esodan gmail com>

Hi all

I'm working in gda_insert_row_into_table but have some troubles:

I'm creating the SQL usin GdaSqlStatement structs, with success but strings are renderer with out quotes ("") can any help me to know how can I do this to work.

I'm adding a GdaSqlExpr to values GList in the GdaSqlStatementInsert, when render the GdaSqlStatement I get:

 INTO test (q, number, a) VALUES (NEW TEXT, 1000, NUEVO NOMBRE)

it is an invalid SQL, how can I get quoted strings. This must be

 INTO test (q, number, a) VALUES ('NEW TEXT', 1000, 'NUEVO NOMBRE')

for a PostgreSQL database.

It's up to you to add quotes where they are needed (because the GdaSqlStatement is just a tree representation of an SQL statement). Anyway, what you should do is use GdaSqlParamSpec (which are variables or parameters), this will have the following benefits:
* avoid you the job of adding quotes when needed
* avoid any SQL injection problems

Coul you help me on how create a GdaSqlParamSpec?

As Far As I Undertand for the code in gda_sql_param_spec_new (GValue *value), the value paramenter must be a string with the following syntax:


As a collateral efect all functions in sql-parser directory doesn't have any documentation, then may is time to work on them, I'll try to help on them.
Trabajar, la mejor arma para tu superación
"de grano en grano, se hace la arena" (R) (en trámite, pero para los cuates: LIBRE)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]