UE4、MySQL预处理插入语句
作者:互联网
MYSQL_STMT *Ptr = mysql_stmt_init(&mysql);
char *SQL = "INSERT INTO ppp1 VALUES(?,?)";//放置注入攻击
int ret = mysql_stmt_prepare(Ptr, SQL, FString(ANSI_TO_TCHAR(SQL)).Len());
if (ret != 0)
{
GEngine->AddOnScreenDebugMessage(-1, 10, FColor::Red, mysql_stmt_error(Ptr));
return;
}
int32 id = 100;
MYSQL_BIND Pram[2];
FMemory::Memset(Pram, 0, sizeof(Pram));
Pram[0].buffer_type = MYSQL_TYPE_LONG;
Pram[0].buffer = &id;
Pram[0].length = 0;
char *content = "Hello";
uint32 contentlen = strlen(content);
Pram[1].buffer_type = MYSQL_TYPE_VARCHAR;
//Pram[1].is_null = 0;
Pram[1].buffer = content;
Pram[1].length = (unsigned long*)&contentlen;
Pram[1].buffer_length = contentlen;
ret = mysql_stmt_bind_param(Ptr, Pram);
if (ret != 0)
{
GEngine->AddOnScreenDebugMessage(-1, 10, FColor::Red, mysql_stmt_error(Ptr));
return;
}
ret = mysql_stmt_execute(Ptr);
if (ret != 0)
{
GEngine->AddOnScreenDebugMessage(-1, 10, FColor::Red, mysql_stmt_error(Ptr));
return;
}
mysql_stmt_close(Ptr);
UE4点击Play后,数据库更新
标签:buffer,MySQL,stmt,Ptr,ret,mysql,UE4,Pram,预处理 来源: https://blog.csdn.net/qq_40008456/article/details/119080487