MySQL/C++ connector mysql_real_escape_string function

Question

I wanted to use mysql_real_escape_string to handle apostrophe, backslashes etc. I searched and found this function

unsigned long mysql_real_escape_string(MYSQL *mysql, 
     char *to, const char *from, unsigned long length)

But this takes MYSQL *, but I use this code to connect :

        sql::Driver *driver;
        sql::Connection *con;
        sql::Statement *stmt;


        // Create a connection
        driver = get_driver_instance();
        con = driver->connect("tcp://127.0.0.1:3306", "root", "anubha");
        con->setSchema("db");
        stmt = con->createStatement(); 

So if I don't have a MYSQL *mysql object as the function requires. If I do connection like this :

         MYSQL* conn = mysql_init(NULL);
          mysql_real_connect(conn,"tcp://127.0.0.1:3306", "root", 
          "anubha", "db" ,0,NULL,0);

Then as I have MYSQL* object I can use the function, but should I change the connection code just to use this function. Isn't there another function available ? Also what is the difference between the 2 ways to connect, is it C vs C++ mysql connector api difference ?

Answer 1

You may want to use prepared queries with C++ connector:

sql::Connection *con;
sql::PreparedStatement  *prep_stmt
// ...

prep_stmt = con->prepareStatement("INSERT INTO test(id, label) VALUES (?, ?)");

prep_stmt->setInt(1, 1);
prep_stmt->setString(2, "a");
prep_stmt->execute();

prep_stmt->setInt(1, 2);
prep_stmt->setString(2, "b");
prep_stmt->execute();

delete prep_stmt;
delete con;

http://dev.mysql.com/doc/refman/5.1/en/connector-cpp-examples-prepared-statements.html

Also, yes, mysql_real_* are part of C connector's API, and it is the only difference.