autodoc.git/traditional.xml:41851:
result (eg <tt>INSERT</tt> or similar).</p> </text></group></mixed> </text></group><group><throws/><text><p>Throws an exception if the query fails.</p> </text></group><group><seealso/><text><p><ref resolved='predef::Sql.Sql.typed_query'>typed_query</ref>, <ref resolved='predef::Sql.Sql.big_query'>big_query</ref>, <ref resolved='predef::Sql.Sql.streaming_query'>streaming_query</ref></p> </text></group></doc> <method name='query'> <arguments><argument name='q'><type><or><object resolved='predef::Sql.Sql.query'/><string/></or></type></argument><argument name='extraargs'><type><varargs><mixed/></varargs></type></argument></arguments> <returntype><array><valuetype><mapping><indextype><string/></indextype><valuetype><string/></valuetype></mapping></valuetype></array></returntype> </method> </docgroup>
+
<docgroup homogen-name='query_db' homogen-type='method'><doc><text><p>Get the currently selected db if possible.</p>
+
</text></doc>
+
<method name='query_db'>
+
<arguments/>
+
<returntype><string/></returntype>
+
</method>
+
</docgroup>
<docgroup homogen-name='quote' homogen-type='method'><doc><text><p>Quote a string <ref resolved='predef::Sql.Sql.quote.s'>s</ref> so that it can safely be put in a query.</p> <p> All input that is used in SQL-querys should be quoted to prevent SQL injections.</p> <p> Consider this harmfull code:</p> <code><text><p>string my_input = "rob' OR name!='rob"; string my_query = "DELETE FROM tblUsers WHERE name='"+my_input+"'"; my_db->query(my_query);</p> </text></code><p>This type of problems can be avoided by quoting <tt>my_input</tt>. <tt>my_input</tt> would then probably read something like <i>rob\' OR name!=\'rob</i> </p>
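Review bot: The added query_db text "Get the currently selected db if possible." does not say what the caller gets when it is not possible, and the return type is declared as a plain string with no throws group. State the fallback in the doc text (and widen the return type if a non-string value can come back), or add a throws group like the one on query directly above if failure raises an exception. The neighbouring query entry also carries a seealso group; a matching one here would keep the entries consistent.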