Syntax: assign method's property value to sql command_问答_开发者

Syntax: assign method's property value to sql command

开发者 https://www.devze.com 2023-04-13 05:49 出处：网络

I\'ve got method: -(NSMutableArray*)getTheCountriesEurope:(int)continentID { NSMutableArray* euCountriesArray=[[[NSMutableArray alloc]init]autorelease];

相关专题：objective-c

I've got method:

-(NSMutableArray*)getTheCountriesEurope:(int)continentID
{
NSMutableArray* euCountriesArray=[[[NSMutableArray alloc]init]autorelease];
const char* sqlContine开发者_如何转开发nts="SELECT countries.countryID,countries.countryName\
FROM countries\
WHERE countries.relativeToContinentID=?";

How can I assign to sql command my (int)continentID property? I mean to statement

WHERE countries.relativeToContinentID=?";

Thank you in advance.

try this:

formattedString = [NSString stringWithFormat:
    @"SELECT countries.countryID,countries.countryName\
    FROM countries\
    WHERE countries.relativeToContinentID=%i"
    ,continentID];

The "proper" way is to use sqlite3_prepare_v2() to compile your SQL statement and then use sqlite3_bind_int() to bind your int parameter to the statement. This is better than putting the int into the SQL query string because

the statement can be reused with different int parameters
Using prepare/bind prevents any chance of a SQL injection attack. While this isn't a problem for int parameters, it is a headache for strings and you might as well do everything the same way.