Boost Users :

From: loufoque (mathias.gaunard_at_[hidden])
Date: 2006-09-12 08:26:32

• Next message: Edward Diener: "Re: [Boost-users] Library Interface Design"
• Previous message: Jaime Rios: "[Boost-users] Problems when compiling with Xcode"
• In reply to: Scott Meyers: "[Boost-users] Library Interface Design"
• Next in thread: Paul Davis: "Re: [Boost-users] Library Interface Design"
• Reply: Paul Davis: "Re: [Boost-users] Library Interface Design"

Scott Meyers wrote :

> > An example:
> > System.Data.SqlClient.SqlParameter is a class that describes a bound
> parameter used in a database statement. Bound parameters are essential
> to prevent SQL injection attacks. They should be exceedingly easy to use
> since the "competition" (string concatenation of parameters into the SQL
> statement) is easy, well understood, and dangerous.

You can construct safe SQL queries with streams or printf-like syntax easily
sql << "select first_name, last_name, date_of_birth "
        "from persons where id = " << id

No need to put objects everywhere that complexify everything.

• Next message: Edward Diener: "Re: [Boost-users] Library Interface Design"
• Previous message: Jaime Rios: "[Boost-users] Problems when compiling with Xcode"
• In reply to: Scott Meyers: "[Boost-users] Library Interface Design"
• Next in thread: Paul Davis: "Re: [Boost-users] Library Interface Design"
• Reply: Paul Davis: "Re: [Boost-users] Library Interface Design"

Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net