From fbc1b118cafae62a2808884ae5ad46df6aa488de Mon Sep 17 00:00:00 2001 From: "Begerad, Stefan" Date: Thu, 5 Jan 2023 15:30:31 +0100 Subject: [PATCH] feat: add prepared_statement --- prepared_statement/main.c | 93 ++++++++++++++++++++++++++++++++++++ prepared_statement/makefile | 24 ++++++++++ prepared_statement/readme.md | 23 +++++++++ 3 files changed, 140 insertions(+) create mode 100644 prepared_statement/main.c create mode 100644 prepared_statement/makefile create mode 100644 prepared_statement/readme.md diff --git a/prepared_statement/main.c b/prepared_statement/main.c new file mode 100644 index 0000000..fe6317b --- /dev/null +++ b/prepared_statement/main.c @@ -0,0 +1,93 @@ +#include +#include +#include + +void do_exit(PGconn *conn) { + PQfinish(conn); + exit(1); +} + +int main(int argc, char *argv[]) { + /*declaration*/ + const char *conninfo; + const int LEN = 10; + const char *paramValues[1]; + + printf("main() Started...\n"); + if (argc != 3) { + fprintf(stderr, "Usage: ./main \n"); + exit(1); + } + + printf("main() argv[1]: %s\n", argv[1]); + int rowId; + + /*store command line argument in int variable*/ + /*validate user input*/ + /*omit SQL injection*/ + /*stream:argv*/ + int ret = sscanf(argv[1], "%d", &rowId); + + /*valid user input:1 successfully filled item*/ + if (ret != 1) { + fprintf(stderr, "The argument must be an integer\n"); + exit(1); + } + + if (rowId < 0) { + fprintf(stderr, "Error passing a negative rowId\n"); + exit(1); + } + + printf("main() LEN: %d\n", LEN); + char str[LEN]; + printf("main() str.length: %ld\n", sizeof(str)); + snprintf(str, LEN, "%d", rowId); + printf("main() str: %s\n", str); + paramValues[0] = str; + + /*read command line*/ + printf("main() argv[2]: %s\n", argv[2]); + conninfo = argv[2]; + + /*connect to database*/ + PGconn *conn = PQconnectdb(conninfo); + if (PQstatus(conn) == CONNECTION_BAD) { + fprintf(stderr, "Connection to database failed: %s\n", + PQerrorMessage(conn)); + PQfinish(conn); + exit(1); + }else if(PQstatus(conn)==CONNECTION_OK){ + printf("main() connected to database\n"); + }else{ + printf("main() connection status NOT known\n"); + } + + char *stm = "SELECT * FROM cars_cleanup WHERE Id=$1"; + + /*create prepared statement*/ + /*conn:connection*/ + /*stm:statement*/ + /*1:number of passed parameters*/ + /*NULL: server figures out parameter type*/ + /*paramValues:pointer of an array of strings containing parameters*/ + /*NULL:relevant for binary parameters*/ + /*NULL:relevant for binary parameters*/ + /*0:obtain result in text format*/ + PGresult *res = PQexecParams(conn, stm, 1, NULL, paramValues, + NULL, NULL, 0); + + if (PQresultStatus(res) != PGRES_TUPLES_OK) { + printf("No data retrieved\n"); + PQclear(res); + do_exit(conn); + } + + printf("%s %s %s\n", PQgetvalue(res, 0, 0), + PQgetvalue(res, 0, 1), PQgetvalue(res, 0, 2)); + PQclear(res); + + PQfinish(conn); + return 0; +} + diff --git a/prepared_statement/makefile b/prepared_statement/makefile new file mode 100644 index 0000000..b14baca --- /dev/null +++ b/prepared_statement/makefile @@ -0,0 +1,24 @@ +# Docu +# +#$@ is the name of the file to be made +#$? is the names of the changed dependents +#$< the name of the related file that caused the action +#$* the prefix shared by target and dependent files +# +# Others +RM = /bin/rm -f +# +# Source, Executable, Includes, Library Defines +EXE = main +# +# Compiler, Linker Defines +CC = /usr/bin/gcc +# +all: main.o + $(CC) main.c -I/usr/include/postgresql -L/usr/lib/x86_64-linux-gnu -lpq -std=c99 -Wall -o $(EXE) +# +main.o: + $(CC) -c main.c -I/usr/include/postgresql +# Clean Up Objects, Exectuables, Dumps out of source directory +clean: + $(RM) *.o $(EXE) *~ diff --git a/prepared_statement/readme.md b/prepared_statement/readme.md new file mode 100644 index 0000000..a0dc22d --- /dev/null +++ b/prepared_statement/readme.md @@ -0,0 +1,23 @@ +* build + +``` +make +``` + +* run + +``` +./main 'postgresql://begerad:secret@localhost:5432/sib00_vbn_gtfs' +``` + +* or run + +``` +./main 'postgresql://begerad:secret@localhost:5432/vbn_data' +``` + +* or run + +``` +./main "host=localhost port=5432 user=begerad password= dbname=vbn_data" +``` \ No newline at end of file