MySQL C++ query Access Violation - c++

I have a DLL where I make a connection to a MySQL database. I have Open(), Close(), Update(), and Find() functions. The Update() functions inserts data into a table and this works just fine. The Find() function however is just doing a simple query against the same table. When I call the resultset getXX() function I'm getting an Access Violation error and I can't figure out why. What am I missing? Note the query is a view and not a direct table but I wouldn't think that would matter.
MT4_EXPFUNC int __stdcall Find(char* pair)
{
try
{
sql::Statement *stmt;
sql::ResultSet* res;
string p = pair;
string buysell = "";
string qry = "select * from forex.GPBUSD_CURRENT_PRICE";
stmt = _connection->createStatement();
res = stmt->executeQuery(qry);
// if we have a record it means we have a trade chance
if(res->next())
{
buysell = res->getString(1); // ACCESS VIOLATION ERROR HERE
}
// clean up
delete res;
delete stmt;
if(buysell == "SELL")
return 1;
else if(buysell == "BUY")
return 2;
else
return 0;
}
catch(sql::SQLException &e)
{
return -1;
}
}

have you considered if getString is a zero indexed method? Or if it's a null datatype your trying to access? or shoot just because res->next() works and doesn't crash, doesn't mean that res is a valid ptr.

Related

Is this a safe implementation of a generic SQL execute function?

Suppose the following implementation of a generic function to query a database using MySQL:
bool execute(const sql::SQLString query, std::vector<sql::ResultSet*> &results)
{
// ConnectionPool holds premade connections to the database
sql::Connection* conn = ConnectionPool::getInstance()::getConnection();
std::unique_ptr<sql::Statement> stmt;
bool success = false;
try
{
stmt.reset( conn->createStatement() );
stmt->execute( query );
do
{
results.push_back( stmt->getResultSet() );
} while ( stmt->getMoreResults() )
success = true;
}
catch ( ... )
{
// Other catch() statements are not a part of this question
std::cerr << "Exception caught!" << std::endl;
success = false;
}
conn->commit();
ConnectionPool::getInstance()::returnConnection( conn );
return success;
}
According to this example for retrieving results from a query, the ResultSet needs to be explicitly deleted. In regard to the implementation above, does this mean the vector of ResultSet pointers is safe to use (i.e., the objects they point to are not deleted by the deletion of the creating Statement)?
Also, am I doing anything unspeakably evil with this implementation?
The following implementation is safer. This is because the ResultSet is tied to the Connection, rather than the Statement. If the connection is closed, destroyed, or used for another purpose prior to the results being read, the ResultSet objects may become defunct and cause an abort condition. It is safer to let the calling function handle the Connection on its own.
Note that a better implementation would be for the sql::Connection* parameter to be std::unique_ptr< sql::Connection >&, but my personal needs dictate this cannot be done at this time.
bool execute(sql::Connection *conn, const sql::SQLString query, std::vector< std::unique_ptr<sql::ResultSet> > &results)
{
std::unique_ptr<sql::Statement> stmt;
bool success = false;
try
{
stmt.reset( conn->createStatement() );
stmt->execute( query );
do
{
results.emplace_back( stmt->getResultSet() );
} while ( stmt->getMoreResults() )
success = true;
}
catch ( ... )
{
// Other catch() statements are not a part of this question
std::cerr << "Exception caught!" << std::endl;
success = false;
}
conn->commit();
return success;
}

Create a function to get a username using a try and catch method in C++

I'm trying to create a function to get a username using a try and catch method in C++. Unfortunately this code doesn't work, and my application closes when it tries to run.
QString UserInfo::getFullUserName()
{
DBG_ENTERFUNC(getFullUserName);
QString result;
qDebug("trying to get the username");
try
{
struct passwd fullUserData=*getpwnam(getUserName().toLatin1());
result = fullUserData.pw_gecos;
// it is the first of the comma seperated records that contain the user name
result = result.split(",").first();
if (result.isEmpty())
{
result = getUserName();
}
}
catch (...)
{
qDebug("exception caught");
}
qDebug() << result;
#endif
DBG_EXITFUNC;
return result;
}
The problem occurs in this line of code as I have placed prints after it that are never reached.
struct passwd fullUserData=*getpwnam(getUserName().toLatin1());
Does anyone know what is the issue here?
*Edit--------
Here is my function getUserName()
QString UserInfo::GetUserName()
{
DBG_ENTERFUNC(GetUserName);
QString result;
foreach (QString environmentEntry, QProcess::systemEnvironment())
{
QString varName = environmentEntry.section('=',0,0);
QString varValue = environmentEntry.section('=',1,1);
if (varName == "USER" || varName == "USERNAME")
{
result = varValue;
}
}
DBG_EXITFUNC;
return result;
}
getpwnam() returns NULL when the username was not found. You are potentially dereferencing a NULL pointer.
*getpwnam(getUserName().toLatin1());
// ^ potential NULL pointer deref
Always check before deferencing a potentially invalid pointer:
struct passwd *fullUserData = getpwnam(getUserName().toLatin1());
// ^ note pointer
if (fullUserData != NULL) {
result = fullUserData->pw_gecos;
// ^^ fullUserData is a struct pointer
} else {
// throw Exception
}
If this is confusing to you, you might want to read up on C++ and pointers.

Is the return of last_insert_id always correct?

If I have the 2 following functions:
int AccessDb::InsertColValue(string tableName, string col, string val)
{
try
{
sql::Statement *stmt;
bool ret;
if ((nomTable != "") && (col != "") && (val != ""))
{
string query = "INSERT INTO " + tableName + "(" + col + ") values (";
query += val + ");";
stmt = con->createStatement();
ret = stmt->execute(query);
}
delete stmt;
return 0;
}
catch (sql::SQLException &e)
{
return -1;
}
}
and
long AccessDb::LastInsertId()
{
try
{
sql::Statement *stmt;
sql::ResultSet *res;
string query = "SELECT LAST_INSERT_ID() AS LAST_ID";
stmt = con->createStatement();
res = stmt->executeQuery(query);
delete stmt;
long lastId;
while (res->next())
{
lastId = res->getInt("LAST_ID");
}
return lastId;
}
catch (sql::SQLException &e)
{
return -1;
}
}
Can I be sure that the return of LastInsertId() will always give me the correct id if I write the following lines and if the id is auto generated by the database?
AccessDb adb; // initialize the connexion with the db
int ret = adb.InsertColValue("people", "name", "John");
if (ret == 0)
long lastId = adb.LastInsertId();
If the previous code is called somewhere else at the same time, can I have a wrong value in my lastId variable ? If yes, do I have to use locks and unlocks on my table to avoid that or another solution ?
Here's what the docs says:
The ID that was generated is maintained in the server on a
per-connection basis. This means that the value returned by the
function to a given client is the first AUTO_INCREMENT value generated
for most recent statement affecting an AUTO_INCREMENT column by that
client. This value cannot be affected by other clients, even if they
generate AUTO_INCREMENT values of their own. This behavior ensures
that each client can retrieve its own ID without concern for the
activity of other clients, and without the need for locks or
transactions.
So, unless your own code on the client is sharing a connection between several threads (Which it looks like you're not, since there are no mutexes or locks in your code) you can be sure SELECT LAST_INSERT_ID() isn't mixed up with any other connection or client.
I can't find the docs for the C++ mysql library but verify what the return value of ret = stmt->execute(query); in your InsertColValue() function means, such that you're sure the only possible way that you fail to insert anything is when an exception is thrown.

How to send C++ and mysql dynamic mysql queries

Working with Visual Studio, Windows 7 and mysql.h library.
What I want to do is send a MySQL query like this:
mysql_query(conn, "SELECT pass FROM users WHERE name='Leo Tolstoy'");
The only thing I can't get working is sending a query where the name would be not a constant as it's shown above, but a variable taken from a text field or anything else. So how should I work with a variable instead of a constant?
Hope I made my question clear.
Use a prepared statement, which lets you parameterize values, similar to how functions let you parameterize variables in statement blocks. If using MySQL Connector/C++:
// use std::unique_ptr, boost::shared_ptr, or whatever is most appropriate for RAII
// Connector/C++ requires boost, so
std::unique_ptr<sql::Connection> db;
std::unique_ptr<sql::PreparedStatement> getPassword
std::unique_ptr<sql::ResultSet> result;
std::string name = "Nikolai Gogol";
std::string password;
...
getPassword = db->prepareStatement("SELECT pass FROM users WHERE name=? LIMIT 1");
getPassword->setString(1, name);
result = getPassword->execute();
if (result->first()) {
password = result->getString("pass");
} else {
// no result
...
}
// smart pointers will handle deleting the sql::* instances
Create classes to handle database access and wrap that in a method, and the rest of the application doesn't even need to know that a database is being used.
If you really want to use the old C API for some reason:
MYSQL *mysql;
...
const my_bool yes=1, no=0;
const char* getPassStmt = "SELECT password FROM users WHERE username=? LIMIT 1";
MYSQL_STMT *getPassword;
MYSQL_BIND getPassParams;
MYSQL_BIND result;
std::string name = "Nikolai Gogol";
std::string password;
if (! (getPassword = mysql_stmt_init(mysql))) {
// error: couldn't allocate space for statement
...
}
if (mysql_stmt_prepare(getPassword, getPassStmt, strlen(getPassStmt))) {
/* error preparing statement; handle error and
return early or throw an exception. RAII would make
this easier.
*/
...
} else {
unsigned long nameLength = name.size();
memset(&getPassParams, 0, sizeof(getPassParams));
getPassParams.buffer_type = MYSQL_TYPE_STRING;
getPassParams.buffer = (char*) name.c_str();
getPassParams.length = &nameLength;
if (mysql_stmt_bind_param(getPassword, &getPassParams)) {
/* error binding param */
...
} else if (mysql_stmt_execute(getPassword)) {
/* error executing query */
...
} else {
// for mysql_stmt_num_rows()
mysql_stmt_store_result(getPassword);
if (mysql_stmt_num_rows(getPassword)) {
unsigned long passwordLength=0;
memset(&result, 0, sizeof(result));
result.length = &passwordLength;
mysql_stmt_bind_result(getPassword, &result);
mysql_stmt_fetch(getPassword);
if (passwordLength > 0) {
result.buffer = new char[passwordLength+1];
memset(result.buffer, 0, passwordLength+1);
result.buffer_length = passwordLength+1;
if (mysql_stmt_fetch_column(getPassword, &result, 0, 0)) {
...
} else {
password = static_cast<const char*>(result.buffer);
}
}
} else {
// no result
cerr << "No user '" << name << "' found." << endl;
}
}
mysql_stmt_free_result(getPassword);
}
mysql_stmt_close(getPassword);
mysql_close(mysql);
As you see, Connector/C++ is simpler. It's also less error prone; I probably made more mistakes using the C API than Connector/C++.
See also:
Developing Database Applications Using MySQL Connector/C++
Connector C++ in the MySQL Forge wiki
Wouldn't you just build the query-string, using sprint or concatenating strings or whatever, so that by the time it gets to MySQL, MySQL just sees the SQL and has no idea where the constant came from? Or am I missing something?
here is an example:
#include <sstream>
#include <string>
#include <iostream>
using namespace std;
/// ...
string name_value = "Leo Tolstoy";
ostringstream strstr;
strstr << "SELECT pass FROM users WHERE name='" << name_value << "'";
string str = strstr.str();
mysql_query(conn, str.c_str());

Connector/C++ MySQL error code: 2014 , SQLState: HY000 and Commands out of sync error why?

Hi im using Connector/C++ and executing simple 2 sql commands like this :
the first select sql run ok but the second one cause this exception error :
ERR: Commands out of sync; you can't run this comman d now (MySQL
error code: 2014, SQLState: HY000 )
here is the code :
//member of the class
ResultSet *temp_res;
// in different method
m_driver = get_driver_instance();
m_con = m_driver->connect(m_DBhost,m_User,m_Password);
m_con->setSchema(m_Database);
//here i excute the querys :
vector<string> query;
query.push_back("SELECT * FROM info_tbl");
query.push_back("INSERT INTO info_tbl (id,name,age)VALUES (0,foo,36)");
query.push_back("SELECT * FROM info_tbl");
ResultSet *res;
Statement *stmt;
bool stmtVal = false;
try{
stmt = m_con->createStatement();
for(size_t i = 0;i < querys.size();i++)
{
string query = querys.at(i);
stmtVal = stmt->execute(query);
if(!stmtVal)
{
string error_log ="sql statment:";
error_log.append(query);
error_log.append(" failed!");
cout << error_log << endl;
break;
}
}
if(stmtVal)
{
if(returnSet)
{
res = stmt->getResultSet();
temp_res = res;
}
}
delete stmt;
//close connection to db
m_con->close();
} catch (sql::SQLException &e) {
......
}
UPDATE NEW CODE AS SUGGESTED ( NOT WORKING )
for(size_t i = 0;i < querys.size();i++)
{
string query = querys.at(i);
stmtVal = stmt->execute(query);
if(stmtVal)
{
if(returnSet)
{
if(stmt->getResultSet()->rowsCount() > 0)
{
res = stmt->getResultSet();
temp_res = res;
}
else
{
delete res;
}
}
else
{
delete res;
}
}
if(!stmtVal)
{
string error_log ="sql statment:";
error_log.append(query);
error_log.append(" failed!");
cout << error_log << endl;
break;
}
}
this is my simple table :
Column Type Null
id int(10) No
name varchar(255) No
age int(10) No
You can't have more than one active query on a connection at a time.
From the mysql_use_result docs:
You may not use mysql_data_seek(), mysql_row_seek(), mysql_row_tell(), mysql_num_rows(), or mysql_affected_rows() with a result returned from mysql_use_result(), nor may you issue other queries until mysql_use_result() has finished.
That's not exactly what you're using, but the problem is the same - you'll need to finish processing the first ResultSet and clean it up before you can issue any other query on that connection.
I was getting the same error until I changed my code to how MySQL says to do it.
Old code:
res.reset(stmt->getResultSet());
if (res->next())
{
vret.push_back(res->getDouble("VolumeEntered"));
vret.push_back(res->getDouble("VolumeDispensed"));
vret.push_back(res->getDouble("Balance"));
}
New code without error:
do
{
res.reset(stmt->getResultSet());
while(res->next())
{
vret.push_back(res->getDouble("VolumeEntered"));
vret.push_back(res->getDouble("VolumeDispensed"));
vret.push_back(res->getDouble("Balance"));
}
} while (stmt->getMoreResults());
I ran into this problem also and took me a little while to figure it out. I had even set the "CLIENT_MULTI_RESULTS" and "CLIENT_MULTI_STATEMENTS" with no avail.
What is happening is MySql thinks that there is another result set waiting to be read from the first call to the Query. Then if you try to run another Query, MySql thinks that it still has a ResultSet from last time and sends the "Out of Sync" Error.
This looks like it might be a C++ Connector issue but I have found a workaround and wanted to post it in case anyone else is having this same issue:
sql::PreparedStatement *sqlPrepStmt;
sql::ResultSet *sqlResult;
int id;
std::string name;
try {
//Build the Query String
sqlStr = "CALL my_routine(?,?)";
//Get the Result
sqlPrepStmt = this->sqlConn->prepareStatement(sqlStr);
sqlPrepStmt->setInt(1, itemID);
sqlPrepStmt->setInt(2, groupId);
sqlPrepStmt->executeUpdate();
sqlResult = sqlPrepStmt->getResultSet();
//Get the Results
while (sqlResult->next()) {
id = sqlResult->getInt("id");
name = sqlResult->getString("name");
}
//Workaround: Makes sure there are no more ResultSets
while (sqlPrepStmt->getMoreResults()) {
sqlResult = sqlPrepStmt->getResultSet();
}
sqlResult->close();
sqlPrepStmt->close();
delete sqlResult;
delete sqlPrepStmt;
}
catch (sql::SQLException &e) {
/*** Handle Exception ***/
}