Jump to content
  • Advertisement
Sign in to follow this  
ortsa

[SOLVED]Could use some help with mysql++ if anyones used it before

This topic is 3629 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I have this function
bool CheckLoginDetails(CPacket *loginPacket, ENetPeer *TPeer)
{
	string username(loginPacket->ReadString());
	string password(loginPacket->ReadString());

	string queryCommand("SELECT * FROM login WHERE username = ");
	queryCommand.append(username);
	queryCommand.append(" AND password = ");
	queryCommand.append(password);

	if (mysqlpp::Query theQuery = conn->query(queryCommand.c_str()))
	{
		if (mysqlpp::StoreQueryResult theResult = theQuery.store())
		{
			if (theResult.num_rows() == 0)
			{
				return false;
			}
			else
			{
				return true;
			}
		}		
	}

	return false;
}
EDIT: Iv refined my code a little, the error happens when i call theQuery.store() and i get some random access violation in xstring it says mysqlpp::BadQuery, can anyone see if my sql is correct? Also c++,vc2005. Well, i dont know how but iv fixed it woohooo [Edited by - ortsa on August 12, 2008 6:23:41 AM]

Share this post


Link to post
Share on other sites
Advertisement
Hello,

I'm not sure if it has anything to do with your error, but shouldn't there be quotes around username and password ?

kind regards
Uncle

Share this post


Link to post
Share on other sites
I thought that too but in the documentation it says quotes arent needed for strings without spaces

Share this post


Link to post
Share on other sites
heres is just general advice. do not store passwords plaintext. store some sort of hash, like an md5 or something.

Share this post


Link to post
Share on other sites
Quote:
Original post by ortsa
I thought that too but in the documentation it says quotes arent needed for strings without spaces


But if someone enters an SQL statement in username, you could get in trouble.

Uncle

EDIT : but this is probably totally unrelated to the problem you have

Share this post


Link to post
Share on other sites
Quote:
Original post by UncleRemus
Quote:
Original post by ortsa
I thought that too but in the documentation it says quotes arent needed for strings without spaces


But if someone enters an SQL statement in username, you could get in trouble.

Uncle

EDIT : but this is probably totally unrelated to the problem you have


Yes but thanks for bringing that up, should save me some trouble

Share this post


Link to post
Share on other sites

Are the username and password filled ? Otherwise it could result in a bad query.

SELECT * FROM login WHERE username = AND password =

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!