d-led
commented
8 years ago Please see the last comment in #23. If I'm not mistaken, there are no other query api at the moment.
Closed igorgatis closed 6 years ago
d-led
commented
8 years ago Please see the last comment in #23. If I'm not mistaken, there are no other query api at the moment.
rtoepfer
commented
7 years ago I've submitted a pull request (https://github.com/paulftw/hiberlite/pull/29) to that allows the following:
class ScandyHiberliteDatabase : public hiberlite::Database {
public:
ScandyHiberliteDatabase() : hiberlite::Database() {}
// we need to be able to specify constraints
template<class T>
std::vector<hiberlite::sqlid_t> getBeanIds(std::string where = "", std::string order = "") {
return dbSelectIds(con, getClassName<T>(), where, order);
}
// we need to execute raw sql to add column constraints
void dbExecQuery(std::string query) {
hiberlite::Database::dbExecQuery(query);
}
// get underlying sqlite error messages
std::string getErrorMsg() {
return std::string(sqlite3_errmsg(con->getSQLite3Ptr()));
}
};merged #29
OxMarco
commented
6 years ago It lacks a basic check on input, it is very unsafe and can lead to DB errors. I suggest to restrict user input to a single search condition.
template<class C>
std::vector<sqlid_t> Database::getBeanIds(std::string column, std::string value, std::string order)
{
std::string sqlQuery = "";
if(column.size() > 0 && value.size() > 0)
sqlQuery = column + " = '" + value + "'";
return dbSelectIds(con, getClassName<C>(), sqlQuery, order);
}Note the code above and the code you posted don't exist in the repository - only the changes that allowed the code above were merged. Its up to the app developer to handle parameter sanitization if even necessary (this is C++ not a web scripting language).
Documentation says there are several ways of loading beans. I could only find 2: loadBean and getAllBeans.
How do I query beans?