MySQL中如何插入blob类型数据
等具体研究完写篇完整的,现在只是作为一个标记,以免忘记mysql_real_escape_string函数。
mysql_real_escape_string()
unsigned long mysql_real_escape_string(MYSQL *mysql, char *to, const char *from, unsigned long length)
Note that mysql
must be a valid, open connection. This is needed because the escaping depends on the character set in use by the server.
Description
This function is used to create a legal SQL string that you can use in an SQL statement. See Section9.1.1, “Strings”.
The string in from
is encoded to an escaped SQL string, taking into account the current character set of the connection. The result is placed in to
and a terminating null byte is appended. Characters encoded are NUL
(ASCII 0), ‘/n
’, ‘/r
’, ‘/
’, ‘'
’, ‘"
’, and Control-Z (see Section9.1, “Literal Values”). (Strictly speaking, MySQL requires only that backslash and the quote character used to quote the string in the query be escaped. This function quotes the other characters to make them easier to read in log files.)
The string pointed to by from
must be length
bytes long. You must allocate the to
buffer to be at least length*2+1
bytes long. (In the worst case, each character may need to be encoded as using two bytes, and you need room for the terminating null byte.) When mysql_real_escape_string()
returns, the contents of to
is a null-terminated string. The return value is the length of the encoded string, not including the terminating null character.
If you need to change the character set of the connection, you should use the mysql_set_character_set()
function rather than executing a SET NAMES
(or SET CHARACTER SET
) statement. mysql_set_character_set()
works like SET NAMES
but also affects the character set used by mysql_real_escape_string()
, which SET NAMES
does not.
Example
char query[1000],*end; end = strmov(query,"INSERT INTO test_table values("); *end++ = '/''; end += mysql_real_escape_string(&mysql, end,"What's this",11); *end++ = '/''; *end++ = ','; *end++ = '/''; end += mysql_real_escape_string(&mysql, end,"binary data: /0/r/n",16); *end++ = '/''; *end++ = ')'; if (mysql_real_query(&mysql,query,(unsigned int) (end - query))) { fprintf(stderr, "Failed to insert row, Error: %s/n", mysql_error(&mysql)); }
The strmov()
function used in the example is included in the mysqlclient
library and works like strcpy()
but returns a pointer to the terminating null of the first parameter.
Return Values
The length of the value placed into to
, not including the terminating null character.
Errors
None.
更多相关文章
- mysql利用st_distance函数查询附近的点的功能
- mySql中SUBSTRING_INDEX函数用法
- 在H2数据库中插入时间——函数“PARSEDATETIME”未找到
- MySQL 运算符和函数
- 使用QSqlDatabase类的open函数导致程序崩溃
- 如何在php imap函数中看到看不见的电子邮件
- MySQL 自定义函数.txt
- hibernate(*.hbm.xml)中新添加的字段被标记为红色(找不到)的解决方法
- mysql 中使用聚合函数sum()后出现很长的小数