mysql1_dart icon indicating copy to clipboard operation
mysql1_dart copied to clipboard
verified publisher icon adamlofts

Question and thanks for your help

Open Ohpizarro opened this issue 5 years ago • 3 comments

There is the possibility to implement like command or stored procedure

Ohpizarro avatar Jun 22 '20 18:06 Ohpizarro

Like commando: ok.

_mysql = 'SELECT codart,desint,marart,modart FROM maeart WHERE desint LIKE ? LIMIT 2000'; descripcion = '%' + descripcion + '%'; List _parametros = [descripcion]; var results = await conn.query(_mysql, _parametros);

Ohpizarro avatar Jun 22 '20 21:06 Ohpizarro

It worked this way.

  String text1 = 'canal';
  String text2 = '99.751.118-8';
  text1 = '"' + text1 + '"';
  text2 = '"' + text2 + '"';
  _mysql = 'CALL maestros($text1,$text2)';
  var _results = await conn.query(_mysql);

Ohpizarro avatar Jun 24 '20 16:06 Ohpizarro

Mmmh... may be strings concatenation it's not secure? (see SQL Injection)

luX0r-reload avatar Jun 26 '20 13:06 luX0r-reload