Parameterized SQL statement: Difference between revisions
No edit summary |
(Added Wren) |
||
Line 1,447: | Line 1,447: | ||
setPlayer $db 76 -> "Robert'; DROP TABLE players--" 0 false |
setPlayer $db 76 -> "Robert'; DROP TABLE players--" 0 false |
||
$db close</lang> |
$db close</lang> |
||
=={{header|Wren}}== |
|||
{{libheader|Wren-sql}} |
|||
An embedded program using our SQLite wrapper. |
|||
<lang ecmascript>import "./sql" for Connection |
|||
var db = Connection.open("rc.db") |
|||
var createSql = [ |
|||
"DROP TABLE IF EXISTS players", |
|||
"CREATE table players (name, score, active, jerseyNum)", |
|||
"INSERT INTO players VALUES ('Roethlisberger, Ben', 94.1, TRUE, 7)", |
|||
"INSERT INTO players VALUES ('Smith, Alex', 85.3, TRUE, 11)", |
|||
"INSERT INTO players VALUES ('Doe, John', 15, FALSE, 99)", |
|||
"INSERT INTO players VALUES ('Manning, Payton', 96.5, FALSE, 123)" |
|||
] |
|||
for (sql in createSql) db.exec(sql) |
|||
var widths = [22, 7, 7, 9] |
|||
System.print("Before update:\n") |
|||
db.printTable("SELECT * FROM players", widths) |
|||
var updateSql = "UPDATE players SET name = ?, score = ?, active = ? WHERE jerseyNum = 99" |
|||
var ps = db.prepare(updateSql) |
|||
ps.bindText(1, "Smith, Steve") |
|||
ps.bindDouble(2, 42) |
|||
ps.bindBool(3, true) |
|||
ps.bindInt(4, 99) |
|||
ps.step() |
|||
System.print("\nAfter update:\n") |
|||
db.printTable("SELECT * FROM players", widths)</lang> |
|||
{{out}} |
|||
<pre> |
|||
Before update: |
|||
name score active jerseyNum |
|||
------------------------------------------------ |
|||
Roethlisberger, Ben 94.1 1 7 |
|||
Smith, Alex 85.3 1 11 |
|||
Doe, John 15 0 99 |
|||
Manning, Payton 96.5 0 123 |
|||
After update: |
|||
name score active jerseyNum |
|||
------------------------------------------------ |
|||
Roethlisberger, Ben 94.1 1 7 |
|||
Smith, Alex 85.3 1 11 |
|||
Smith, Steve 42.0 1 99 |
|||
Manning, Payton 96.5 0 123 |
|||
</pre> |
|||
{{omit from|360 Assembly}} |
{{omit from|360 Assembly}} |
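Review bot: In the added Wren example, `updateSql` has only three `?` placeholders because the filter is hard-coded as `WHERE jerseyNum = 99`, yet `ps.bindInt(4, 99)` binds a fourth parameter. With SQLite underneath, a bind to a parameter index that does not exist is normally rejected with a range error. The listing never inspects the result of any bind or of `ps.step()`, so the update appears to work only because the literal happens to equal the value being bound. Since the task is to show parameterization, the key should be a placeholder as well: `var updateSql = "UPDATE players SET name = ?, score = ?, active = ? WHERE jerseyNum = ?"`. The example also never releases `ps` or closes `db` after the final `printTable`; if the wrapper offers calls for that (none are shown on the page), they belong at the end of the listing.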