Results 1 to 9 of 9

Thread: escape input for mysql server

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 18th June 2007, 22:50 #1
    tpf80
    tpf80 is offline Intermediate user
    Join Date
    Oct 2006
    Location
    Hawaii
    Posts
    130
    Qt products
    Qt4
    Platforms
    Unix/X11 Windows
    Thanks
    48
    Thanked 4 Times in 4 Posts

    Default Re: escape input for mysql server

    One last question I notice that:
    Qt Code: 
    1. #
    2. query.prepare("select userid, username, firstname, lastname, email, status from user where username=:username");
    3. #
    4. query.bindValue(":username", login.username);
    To copy to clipboard, switch view to plain text mode 
    Pretty much escapes the login.username, puts it in quotes, and inserts it where :username is. However how do I use bindValue() with queries using "like" for example:

    Qt Code: 
    1. query.prepare("select userid, username, firstname, lastname, email, status from user where username like \"%" + something + "%\"");
    To copy to clipboard, switch view to plain text mode 

    it doesn't seem that
    Qt Code: 
    1. query.prepare("select userid, username, firstname, lastname, email, status from user where username like \"%:something%\"");
    2. query.bindValue(":something", somevariable);
    To copy to clipboard, switch view to plain text mode 
    works properly. (gives an error preparing the query). What is the proper way to use bindvalue with a "like" query?
    Reply With Quote Reply With Quote
  2. 18th June 2007, 22:58 #2
    jacek
    jacek is offline Guru
    Join Date
    Jan 2006
    Location
    Warsaw, Poland
    Posts
    5,372
    Qt products
    Qt3 Qt4
    Platforms
    Unix/X11 Windows
    Thanks
    28
    Thanked 976 Times in 912 Posts

    Default Re: escape input for mysql server

    Quote Originally Posted by tpf80 View Post
    What is the proper way to use bindvalue with a "like" query?
    Try:
    SQL Code: 
    1. SELECT userid, username, firstname, lastname, email, STATUS
    2. FROM user
    3. WHERE username LIKE '%' || :something || '%'
    To copy to clipboard, switch view to plain text mode 
    or
    Qt Code: 
    1. query.bindValue(":something", "%" + somevariable + "%" );
    To copy to clipboard, switch view to plain text mode 
    Reply With Quote Reply With Quote

  3. The following user says thank you to jacek for this useful post:

    tpf80 (18th June 2007)
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Qt is a trademark of The Qt Company.