[Mono-bugs] [Bug 61130][Nor] Changed - Mono.Data.SqliteCommand ignore the sql params

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Sun, 8 Aug 2004 21:42:45 -0400 (EDT)

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by grompf@sublimeintervention.com.


--- shadow/61130	2004-07-03 13:59:43.000000000 -0400
+++ shadow/61130.tmp.21820	2004-08-08 21:42:45.000000000 -0400
@@ -1,14 +1,14 @@
 Bug#: 61130
 Product: Mono: Class Libraries
 Version: unspecified
+OS: unknown
 OS Details: linux, mono 1.0
 Status: NEW   
+Severity: Unknown
 Priority: Normal
 Component: Sys.Data
 AssignedTo: mono-bugs@ximian.com                            
 ReportedBy: tom@aliacom.fr               
 QAContact: mono-bugs@ximian.com
 TargetMilestone: ---
@@ -46,6 +46,19 @@
 I'm not sure I'm the parameters property is intented to work the way I
 think (ie. like a PreparedStatement with JDBC in java), but I'm sure that
 the sql_params instance variable is unused in the SqliteCommand class.
 What is the proper way to insert a string into an sqlite database, without
 write my own escaping function ?
+------- Additional Comments From grompf@sublimeintervention.com  2004-08-08 21:42 -------
+Please note the problem here is you're using the wrong sytax; you're using java 
+preparedstatement syntax which is not C# syntax; for C# params you use @name rather 
+than ?; for example:
+cmd.CommandText = "UPDATE foo SET bar=@bar";
+spc.Add("bar", "bla");
+would be correct.