From: Warren Young
Date: April 18 2009 11:24pm
Subject: Re: mysqlpp::escape doesn't work?
List-Archive: http://lists.mysql.com/plusplus/8526
Message-Id: <48C4AE43-6B80-4BBD-A659-CEA1FFF50D59@etr-usa.com>
MIME-Version: 1.0 (Apple Message framework v930.3)
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit

On Apr 18, 2009, at 4:14 PM, Torsten Schulz wrote:

> strbuf << "INSERT
> INTO filedata (fileid, fileversion, filedata, realfilename) VALUES ("
> << dbid << ", " << version << ", \"" <<
> mysqlpp::escape << fill << "\", '" <<
> dokumentFile->clientFileName() << "')";

The MySQL++ stream manipulators only work with Query.  They purposely  
do nothing when inserted into other types of IOstreams.

You can rewrite the central part of that snippet as:

	Query query = db->GetNullQuery();
	char *read_buffer = new char[blen];
	instrm.read(read_buffer, blen);
	query << "INSERT INTO filedata (fileid, fileversion, filedata,  
realfilename) "
		"VALUES (" << dbid << ',' << version << ',' << mysqlpp::escape <<
		mysqlpp::sql_varchar(read_buffer, blen) << ',' << mysqlpp::quote <<
		dokumentFile->clientFileName() << ')';
	query.exec();

You might be able to drop the mysqlpp::escape...the stream might auto- 
quote it, since it's string data.

>    Caused by exception:You have an error in your SQL syntax; check  
> the manual that corresponds to your MySQL server version for the  
> right syntax to use near '""?????' at line 1

When you get that exception, say something like:

	cerr << "BAD QUERY: " << query << endl;

so you can see what the problem is with the syntax.  You have to  
declare the Query object outside the try block to do that, of course.