bool run_query(sqlite3* db, const std::string& sql, std::vector< user_record >& records) { // TODO: Fix this method to fail and display an error if there is a suspected SQL Injection // NOTE: You cannot just flag 1=1 as an error, since 2=2 will work just as well. You need // something more generic // clear any prior results records.clear(); char* error_message; if(sqlite3_exec(db, sql.c_str(), callback, &records, &error_message) != SQLITE_OK) { std::cout << "Data failed to be queried from USERS table. ERROR = " << error_message << std::endl; sqlite3_free(error_message); return false; } return true; }
''
= ''
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)