
私のビューコントローラでは、詳細が表示されます。したがって、ユーザーが[追加]ボタンをクリックすると、sqliteにデータが挿入されます。問題は、データが以前に挿入されているかどうかを確認する方法です。

 //this code is in viewDidLoad
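// Runs in viewDidLoad. Scans every row of `exhibitor` and counts how many have
// column 1 equal to the current article's "ex_name"; the count is left in `check`.
// NOTE(review): the count is a snapshot taken at load time. Anything that reads
// `check` later (e.g. the add button) sees a stale value if rows were inserted
// in between; a UNIQUE constraint on the name column would enforce this in the
// database itself -- confirm against the schema.
NSString *sql = @"SELECT * FROM exhibitor";
sqlite3_stmt *statement = NULL;
check = 0;
if (sqlite3_prepare_v2(db, [sql UTF8String], -1, &statement, NULL) == SQLITE_OK) {
    // The name we are looking for does not change per row, so read it once.
    NSString *exhibName = [exhibitionArticle objectForKey:@"ex_name"];

    while (sqlite3_step(statement) == SQLITE_ROW) {
        const char *exName2 = (const char *)sqlite3_column_text(statement, 1);
        if (exName2 == NULL) {
            // sqlite3_column_text returns NULL for SQL NULL values; passing NULL
            // to -initWithUTF8String: raises, so such rows are skipped.
            continue;
        }
        NSString *exNameStr = [[NSString alloc] initWithUTF8String:exName2];
        if ([exNameStr isEqualToString:exhibName]) {
            check += 1;
        }
    }
    NSLog(@"%d Result is", check);
} else {
    NSLog(@"Could not prepare exhibitor lookup: %s", sqlite3_errmsg(db));
}
// Release the prepared statement; finalizing NULL (failed prepare) is a no-op.
sqlite3_finalize(statement);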

データがsqliteにない場合は、ボタンでデータを挿入します。

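/// Inserts the current exhibitor article into the `exhibitor` table, unless
/// `check` says a row with the same name was already found.
///
/// The values come from `exhibitionArticle` and are bound as statement
/// parameters instead of being formatted into the SQL text, so quotes or
/// semicolons inside a value cannot change the statement that is executed.
/// @param sender The control that triggered the action (unused).
- (IBAction)addExhibitor:(id)sender {

    NSLog(@"%d this is addExhibitor int", check);
    if (check != 0) {
        //   UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Same Data" message:@"Your data already there" delegate:nil cancelButtonTitle:@"OK" otherButtonTitles:nil, nil];
        //  [alert show];
        return;
    }

    // Values in the same order as the column list of the INSERT below.
    // -description keeps the text the old "%@" formatting produced for
    // non-string objects (e.g. the NSDate). A missing key now binds SQL NULL
    // instead of the literal text "(null)".
    id values[] = {
        [NSDate date],
        [exhibitionArticle objectForKey:@"ex_name"],
        [exhibitionArticle objectForKey:@"ex_about"],
        [exhibitionArticle objectForKey:@"ex_booth"],
        [exhibitionArticle objectForKey:@"ex_address"],
        [exhibitionArticle objectForKey:@"ex_telephone"],
        [exhibitionArticle objectForKey:@"ex_fax"],
        [exhibitionArticle objectForKey:@"ex_website"],
        [exhibitionArticle objectForKey:@"ex_email"],
    };
    const int valueCount = (int)(sizeof(values) / sizeof(values[0]));

    const char *insertSQL = "INSERT INTO exhibitor ('exhibAddDate', 'exhibName', 'exhibAbout', 'exhibBooth', 'exhibAddress', 'exhibTelephone', 'exhibFax', 'exhibWebSite', 'exhibEmail') VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";

    sqlite3_stmt *statement = NULL;
    int rc = sqlite3_prepare_v2(db, insertSQL, -1, &statement, NULL);

    // Parameter indexes are 1-based. SQLITE_TRANSIENT makes SQLite copy each
    // buffer, because the UTF8String pointers are only valid temporarily.
    for (int i = 0; rc == SQLITE_OK && i < valueCount; i++) {
        rc = sqlite3_bind_text(statement, i + 1, [[values[i] description] UTF8String], -1, SQLITE_TRANSIENT);
    }
    if (rc == SQLITE_OK) {
        rc = sqlite3_step(statement);
    }

    BOOL inserted = (rc == SQLITE_DONE);
    if (!inserted) {
        // Read the message before finalize/close invalidate it.
        NSLog(@"Insert into exhibitor failed: %s", sqlite3_errmsg(db));
    }
    sqlite3_finalize(statement);

    if (!inserted) {
        // NOTE(review): kept from the original -- the connection is closed on
        // failure, so `db` must not be used again after this point.
        sqlite3_close(db);
        NSAssert(0, @"Could not update table");
    } else {
        NSLog(@"Table Updated");
        // The row exists now; without this a second tap would insert a duplicate
        // because `check` is only computed when the view loads.
        check = 1;
    }
}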

1 に答える 1

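// Checks whether an exhibitor with the article's name is already stored and
// inserts the article only when it is not. Every value reaches SQLite through a
// bound parameter, never through the SQL text.
int check = 0;
BOOL lookupSucceeded = NO;
sqlite3_stmt *statement = NULL;
const char *sql;

sql = "SELECT COUNT(*) FROM exhibitor WHERE exhibName = ?";

if (sqlite3_prepare_v2(db, sql, -1, &statement, NULL) == SQLITE_OK) {
    sqlite3_bind_text(statement, 1, [[exhibitionArticle objectForKey:@"ex_name"] UTF8String], -1, SQLITE_TRANSIENT);

    // COUNT(*) yields exactly one row when the query runs.
    if (sqlite3_step(statement) == SQLITE_ROW) {
        check = sqlite3_column_int(statement, 0);
        lookupSucceeded = YES;
    }
}

// Finalize the lookup and clear the pointer so the shared cleanup at the end
// cannot finalize the same statement a second time.
sqlite3_finalize(statement);
statement = NULL;

if (!lookupSucceeded) {
    // Do not fall through to the insert when the existence check itself failed;
    // otherwise a failed lookup would look like "not in the database".
    NSLog(@"Could not check for existing exhibitor. Error is:  %s", sqlite3_errmsg(db));
} else if (check == 0) {
    NSLog(@"Result of count is %d and so the data is not in the database", check);
    //insert the data

    NSDate *exhibAddDate = [NSDate date];
    NSString *exhibName = [exhibitionArticle objectForKey:@"ex_name"];
    NSString *exhibAbout = [exhibitionArticle objectForKey:@"ex_about"];
    NSString *exhibBooth = [exhibitionArticle objectForKey:@"ex_booth"];
    NSString *exhibAddress = [exhibitionArticle objectForKey:@"ex_address"];
    NSString *exhibTelephone = [exhibitionArticle objectForKey:@"ex_telephone"];
    NSString *exhibFax = [exhibitionArticle objectForKey:@"ex_fax"];
    NSString *exhibWebSite = [exhibitionArticle objectForKey:@"ex_website"];
    NSString *exhibEmail = [exhibitionArticle objectForKey:@"ex_email"];

    sql = "INSERT INTO exhibitor ('exhibAddDate', 'exhibName', 'exhibAbout', 'exhibBooth', 'exhibAddress', 'exhibTelephone', 'exhibFax', 'exhibWebSite', 'exhibEmail') VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";

    if (sqlite3_prepare_v2(db, sql, -1, &statement, NULL) == SQLITE_OK) {
        // NSDate has no -UTF8String; bind its textual description instead.
        sqlite3_bind_text(statement, 1, [[exhibAddDate description] UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 2, [exhibName UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 3, [exhibAbout UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 4, [exhibBooth UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 5, [exhibAddress UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 6, [exhibTelephone UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 7, [exhibFax UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 8, [exhibWebSite UTF8String], -1, SQLITE_TRANSIENT);
        sqlite3_bind_text(statement, 9, [exhibEmail UTF8String], -1, SQLITE_TRANSIENT);

        if (sqlite3_step(statement) == SQLITE_DONE){
             NSLog(@"Exhibit added");
        } else {
             NSLog( @"Failed from sqlite3_prepare_v2. Error is:  %s", sqlite3_errmsg(db));
        }
    } else {
        NSLog( @"Failed from sqlite3_prepare_v2. Error is:  %s", sqlite3_errmsg(db));
    }

} else {
    NSLog(@"Result of count is %d and so the data is already in the database", check);
}

// `statement` is NULL here unless the insert was prepared; finalizing NULL is a no-op.
sqlite3_finalize(statement);
// NOTE(review): this closes the connection after every run; if `db` is shared
// with other code (or this runs again), it must be reopened first -- confirm.
sqlite3_close(db);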

このようなものを試してみてください!

SQL 中の --> exhibName <-- は、データを検索する対象の列名である必要があります。

最善の方法は、これをすべて IBAction に入れ、check == 0 の場合にのみ挿入を実行することです。

また、質問のコードは値を文字列として SQL 文に直接埋め込んでいるため、SQL インジェクションに対して脆弱です。バインド変数を使ってください。たとえばタイトルとして「blabla; DELETE * FROM exhibitor; blabla」のような値が入力されると、ユーザーがテーブル内のすべてのデータを削除できてしまう危険性があります。値を変数としてバインドすれば、入力は SQL 文の一部としてではなく単なるデータとして扱われるため、これが起こらないようにできます。

XCode が手元にないので、すべてが機能するかどうかを確認できません。

幸運を

于 2012-12-20T02:43:17.173 に答える