I am very new to iOS programming and I have a problem recovering some data from my database. This is a simple login page that I have on my application. I seem to get that username to check exist and need it failed SQLITE_ROW following line sqlite3_step (statement) == and I also have a warning line where I say your SQL query "Data is not written by logic format string" Below is my code
sqlite3_stmt * statement; Const char * dbpath = [_databasePath UTF8String]; If (sqlite3_open (dbpath, & amp; _db) == SQLITE_OK) {NSString * query = [NSString stringWithFormat: @ "username, select the Password Where UserInfo USERNAME = \" %% @ \ "", self.txtUsername .text]; Const char * query_statement = [query UTF 8 string]; If (sqlite3_prepare_v2 (_db, query_statement, -1, & amp; statements, zero) == SQLITE_OK) {if (sqlite3_step (statement) == SQLITE_ROW) {NSString * username = [[NSString alloc] initWithUTF8String: (const char * Sqlite3_column_text (statement, 0)]; NSString * password = [[NSString alloc] initWithUTF8 string: (const char *) sqlite3_column_text (statement, 1)]; If ([username isEqualToString: self.txtUsername.text] & amp; & amp; [password isEqualToString: self.txtPassword.text]) {[self showUIAlertWithMessage: @ andTitle "successfully logged in" @ "message"]; [Self should do PforformSegueWithIdentifier: @ "Login" sender: Self]; }} Other {[SHOWIILLTRMMM message: @ "username not found" and title: @ "message"]; }} Sqlite3_finalize (statement); Sqlite3_close (_db); }
NSString format is specifier % @ and not %% @ (in fact, any NSObject derived class that applies method). Use the
specification %% Avoid so that it will generate the literal sequence % @ in your case.
Note: Consider using bind variables that will avoid attacks of potential SQL-injection.
Note 2: This test is meaningless, that would be the same database before:
[username Akwltostring: self.txtUsername.text] < / Pre> 
Comments
Post a Comment