From: loufoque (mathias.gaunard_at_[hidden])
Date: 2006-09-12 08:26:32
Scott Meyers wrote:
> An example:
> System.Data.SqlClient.SqlParameter is a class that describes a bound
> parameter used in a database statement. Bound parameters are essential
> to prevent SQL injection attacks. They should be exceedingly easy to use
> since the "competition" (string concatenation of parameters into the SQL
> statement) is easy, well understood, and dangerous.
You can construct safe SQL queries with streams or printf-like syntax easily.

    sql << "select first_name, last_name, date_of_birth "
           "from persons where id = " << id;

No need to put objects everywhere that complexify everything.
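As an added illustration (not code from the message, from Boost, or from System.Data), the following sketch contrasts the stream form quoted above, where the value is spliced into the statement text, with a hypothetical stream-style builder (`BoundQuery`, `param()`, both assumed names) that keeps the same `<<` syntax but turns each value into a `?` placeholder plus a separately held parameter, which is what a driver would bind. Parameter values are stringified here only to keep the sketch self-contained; a real driver binds typed values.

```cpp
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical stream-style query builder (added example, not Boost or
// System.Data code). Literal SQL text is appended to the statement; values
// wrapped in param() become '?' placeholders with the value kept aside, so a
// driver would bind them rather than splice them into the statement text.
struct BoundQuery {
    std::string sql;                  // statement text with '?' placeholders
    std::vector<std::string> params;  // bound values, in placeholder order
};

// Marker type: a value that must be bound, never concatenated.
template <typename T>
struct Param { const T& value; };

template <typename T>
Param<T> param(const T& v) { return Param<T>{v}; }

// Literal SQL fragments go straight into the statement text.
inline BoundQuery& operator<<(BoundQuery& q, const char* literal) {
    q.sql += literal;
    return q;
}

// Bound values: one placeholder in the text, the value in the side list.
template <typename T>
BoundQuery& operator<<(BoundQuery& q, Param<T> p) {
    std::ostringstream os;
    os << p.value;
    q.sql += '?';
    q.params.push_back(os.str());
    return q;
}

// The stream form from the message: the caller's value becomes part of the
// statement text, so whatever it contains is parsed by the database as SQL.
std::string concat_query(const std::string& id) {
    std::ostringstream sql;
    sql << "select first_name, last_name, date_of_birth "
           "from persons where id = " << id;
    return sql.str();
}

// Same stream syntax, but the value is bound instead of concatenated.
BoundQuery bound_query(const std::string& id) {
    BoundQuery q;
    q << "select first_name, last_name, date_of_birth "
         "from persons where id = " << param(id);
    return q;
}

int main() {
    // Constructed sample input: an id that is not a plain number.
    const std::string id = "7 or 1=1";
    std::cout << "concatenated: " << concat_query(id) << '\n';
    BoundQuery q = bound_query(id);
    std::cout << "bound sql:    " << q.sql << '\n';
    std::cout << "bound param:  " << q.params[0] << '\n';
    return 0;
}
```

With a non-numeric `id` the concatenated statement carries the caller's text inside the SQL, while the bound form's statement text is fixed regardless of input and the value travels only in `params`. Whether `<<` or objects are the nicer syntax is a separate question from whether the value is bound or interpolated; the safety comes from the latter.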