On Wednesday 17 December 2008, justin said something like:
> aravind chandu wrote:
> > Hello,
> > I have problem with select statement in c++ program I am
> > using pqxx library to connect to postgresql database.My query is
> >
> > result R(T.exec(" select * from dbtable where username =
> > ' "+user+" ' and password = ' "+st+" ' "));
> >
> > here st is in encrypted format and the string is st =
> > M^fuo|`sjyo|`so|>-?z this is the string i stored in the table .
> >
> > The error I was encountered is "terminate called after
> > throwing an instance of 'pqxx::syntax_error'
> > what(): ERROR: unterminated quoted string at or near
> > "'M^fuo|`sjyo|`so|>-?z"
> > LINE 1: ...table where username = 'achandana' and password =
> > 'M^fuo|`sj...
> >
> > ^ "
> >
> > I am not able to identify what the actual problem is can you guys
> > please help to solve this problem?Your help is greatly appreciated.
> >
> > Thank You,
> > Aravind
>
> Well its telling you in the error the quotes are flaky. It apears
> that the password portion contains another sing quote.
>
> I would move to double dollar quoting when dealing with strings that
> contain special characters
>
> example
> R(T.exec(" select * from dbtable where username = $UserName$ " +
> user + " $Username$ and password = $Password$ " + st + " $Password$
> "));
>
> see http://www.postgresql.org/docs/8.3/static/sql-syntax-lexical.html
> on dollar quoting
Better yet, use placeholders and let the driver do the quoting.
j
--
Joshua Kugler
Part-Time System Admin/Programmer
http://www.eeinternet.com
PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE