SOCI行集 <row> 怪异的错误

Question

I recently installed SOCI library for my project because it requires working with SQLite database. I tried to fetch rowset but I got weird error:

"c:\mingw\include\soci\exchange-traits.h:35:5: error: incomplete type 'soci::details::exchange_traits<soci::row>' used in nested name specifier".

I have no idea what's wrong with my code... the line that does that error is:

soci::rowset<> results = (sql.prepare << "SELECT * from games where user_name='" << user.getName() << "'");

By the way, I use the most recent version of SOCI. the wider part of the code:

soci::session& sql = conn.getSession();
soci::rowset<> results = (sql.prepare << "SELECT * from games where user_name='" << user.getName() << "'");
for(soci::rowset<>::const_iterator it = results.begin(); it != results.end(); ++it)...

Answer 1

You have to specify the type of the soci::rowset , because it's a templated type. So for example if you select a integer column, you would use a soci::rowset<int> as type for results . Your example is a special case, because you don't know the type yet, but for this soci has defined the soci::row type, so you could use soci::rowset<soci::row> results

Also you should never build your query by concatenation of user input strings, so instead of sql.prepare << "SELECT * from games where user_name='" << user.getName() << "'" use sql.prepare << "SELECT * from games where user_name=:name", soci::use(name,user.getName()); instead.

Otherwise you're vulnerable for so called SQL-Injection Attacks