[Qt-interest] OT: Re: Proper way to update a BLOB field
Dusan Zatkovsky
msk.conf at gmail.com
Wed Apr 14 16:14:40 CEST 2010
On Wednesday 14 of April 2010 14:47:57 David Boosalis wrote:
> QString str = "UPDATE MyTable SET x='" + QString::number(myClass->x) +
> "', y='" + QString::number(myClass->y) +
> ", headerState" + myClass->byteArray +
> " WHERE id='" + QString::number(myClass->id));
OT, this is the best example how sql statement must !not! be constructed due
to sql injection.
--
Dusan
More information about the Qt-interest-old
mailing list