Thread: Can someone tell me what I'm doing wrong?

  1. #1
    Registered User
    Join Date
    Dec 2011
    Posts
    3

    Can someone tell me what I'm doing wrong?

    I'm not very experienced with C++, I can't tell what I'm doing wrong. The error was using a string or int with a char *. Has to do with trying to submit the repnum in the mysql query.

    /* C++ Program that connects to the MYSQL server and
    prints out the most recent order information based
    off rep num given by the user*/

    Code:
    #include <istream>
    #include <iostream> 
    #include <iomanip>
    #include <stdio.h>
    #include <cstdlib>
    #include <mysql.h>
    #include <string.h>
    #incyde <sstream>
    using namespace std;
    main() {
     MYSQL *conn;
     MYSQL_RES *res;
     MYSQL_ROW row;
     char *query = NULL;
     char *server = "students";
     char *user = "********";
     char *password = "********";
     char *database = "********";
     int repnum;
     string order;
    
     conn = mysql_init(NULL);
    
    if (!mysql_real_connect(conn, server,
     user, password, database, 0, NULL, 0)){
      fprintf(stderr, "%s\n", mysql_error(conn));             
      exit(1);
     }
    
    
     cout << "Please enter the number of your sales rep: ";
     cin >> repnum;
     
    
     query = "SELECT o.ORDER_NUM, o.ORDER_DATE, o.CUSTOMER_NUM, c.CUSTOMER_NAME, c.STREET, c.CITY, c.STATE, c.ZIP FROM ORDERS o, CUSTOMER c WHERE o.ORDER_NUM = '"+repnum+"' AND c.CUSTOMER_NUM = o.CUSTOMER_NUM AND ORDER_NUM = (SELECT MAX(ORDER_NUM)) ORDER BY ORDER_NUM ORDER BY ORDER_NUM";
     
    
    if (mysql_query(conn, query)){
          fprintf(stderr, "%s\n", mysql_error(conn));
          exit(1);
     }
     
    
     res = mysql_use_result(conn);
     
     int stop = 8;
     int cnt = 0;
    
     printf("\nOrder Information:\n\n");
      
     row = mysql_fetch_row(res);
     
    
     while (cnt < stop)  
         {                                                   
         cout << row[cnt];                          
         cnt++;                                       
         }                                               
    
    order = row[0];            //attempt to save the order number(order) from  result to use in another query, the one below
    cout << endl;                                   
     
    
     query = "SELECT o.PART_NUM, p.DESCRIPTION, o.NUM_ORDERED, o.QUOTED_PRICE FROM ORDER_LINE o, PART p WHERE ORDER_NUM = '"+order+"' AND p.PART_NUM = o.PART_NUM";
     
    
     if (mysql_query(conn, query)){
          fprintf(stderr, "%s\n", mysql_error(conn));
          exit(1);
          }
     
     res = mysql_use_result(conn);
     cnt = 0;
     
    
         while ((row = mysql_fetch_row(res)) != NULL)
          {
           cout << row[cnt];
           cnt++;
                  if ((cnt = 4) || (cnt = 8))    //new row for next item, after first 4 print out, which is the info for 1 item
                  cout << endl;                           
          }
     
    
     mysql_free_result(res);
     mysql_close(conn);
     return 0;
    }
    Last edited by BuckChoyBoy; 12-03-2011 at 11:33 PM. Reason: Underlined and bolded problem areas

  2. #2
    Lurking whiteflags's Avatar
    Join Date
    Apr 2006
    Location
    United States
    Posts
    9,613
    I would use a string stream to build the query, and then you can do something like this.

    Code:
    query = builder.str().c_str(); 
    if (mysql_query(conn, query)){
          fprintf(stderr, "%s\n", mysql_error(conn));
          exit(1);
     }

  3. #3
    Registered User
    Join Date
    Dec 2007
    Posts
    2,675
    Instead of an error description like
    The error was using a string or int with a char *. Has to do with trying to submit the repnum in the mysql query.
    Why not copy and paste the error just as it appears to you and tell us to what line in your code the error is pointing?

  4. #4
    Registered User
    Join Date
    Dec 2011
    Posts
    3
    ASSIGN9.cpp:44: error: invalid operands of types âconst char*â and âconst ch116]â to binary âoperator+â

    Wasn't thinking..

  5. #5
    Registered User
    Join Date
    Apr 2006
    Posts
    2,149
    Whiteflags has the right of it. Use a string stream. I would actually make query a string stream, and call .str().c_str() when you pass it to mysql_query, but it hardly matters.
    It is too clear and so it is hard to see.
    A dunce once searched for fire with a lighted lantern.
    Had he known what fire was,
    He could have cooked his rice much sooner.

  6. #6
    Algorithm Dissector iMalc's Avatar
    Join Date
    Dec 2005
    Location
    New Zealand
    Posts
    6,318
    Just in case two independent suggestions isn't enough... Use a string stream for this.
    You can't just concatenate string literals and other stuff the way you are trying to do it.
    My homepage
    Advice: Take only as directed - If symptoms persist, please see your debugger

    Linus Torvalds: "But it clearly is the only right way. The fact that everybody else does it some other way only means that they are wrong"

  7. #7
    Registered User
    Join Date
    Dec 2011
    Posts
    3
    it compiles now, but when i ask for the repnum the program crashes "segmentation fault". from what i read it has to do with pointers or memory allocation. Can't find where.

    Code:
    #include <iostream> 
    #include <cstdlib>
    #include <mysql.h>
    #include <string.h>
    using namespace std;
    MYSQL *conn, mysql;
    MYSQL_RES *res;
    MYSQL_ROW row;
    int query_state;
    
    
    int main() 
    {
    
    
        string query;
        char *server = "students";
        char *user = "xxxxxxxx";
        char *password = "xxxxxxxx";
        char *database = "xxxxxxx";
        string repnum;
        string order;
    
    
        mysql_init(&mysql);
        
        conn = mysql_real_connect(&mysql, server, user, password, database, 0, 0, 0);
        
        if (conn == NULL)
            {
            cout << mysql_error(&mysql) << endl;
            return 1;
            }
    
    
        cout << "Please enter the number of your sales rep: ";
        cin >> repnum;
        
        query = "SELECT o.ORDER_NUM, o.ORDER_DATE, o.CUSTOMER_NUM, c.CUSTOMER_NAME, c.STREET, c.CITY, c.STATE, c.ZIP FROM ORDERS o, CUSTOMER c WHERE c.REP_NUM  = '"+repnum+"' AND c.CUSTOMER_NUM = o.CUSTOMER_NUM AND ORDER_NUM = (SELECT MAX(ORDER_NUM)) ORDER BY ORDER_NUM DESC";
        
        query_state = mysql_query(conn, query.c_str());
            if (query_state != 0)
            {
            cout << mysql_error(conn) << endl;
            return 1;
            }
        
        res = mysql_store_result(conn);
    
    
        cout << "\nOrder Information:\n\n";
        cout << "\nOrderNum OrderDate  CustomerNum  CustomerName             Address\n\n";
        while ((row = mysql_fetch_row(res)) != NULL);
            {
            cout << row[0] <<"   "<<row[1]<<"   "<<row[2]<<"       "<<row[3]<<"  "<<row[4]<<" "<<row[5]<<" "<<row[6]<<" "<<row[7];
            }
        order = row[0];
        cout << endl;
        
        query = "SELECT o.PART_NUM, p.DESCRIPTION, o.NUM_ORDERED, o.QUOTED_PRICE FROM ORDER_LINE o, PART p WHERE ORDER_NUM = '"+order+ "' AND p.PART_NUM = o.PART_NUM";
        
        query_state = mysql_query(conn, query.c_str());
        
        if (query_state != 0)
        {
          cout << mysql_error(conn) << endl;
          exit(1);
        }
        
        res = mysql_use_result(conn);
        
        while ((row = mysql_fetch_row(res)) != NULL);
        {
        cout << row[0];
        }
        
        mysql_free_result(res);
        mysql_close(conn);
        
    return 0;
    }
    Last edited by BuckChoyBoy; 12-05-2011 at 04:42 PM. Reason: personal info

  8. #8
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    So do something like

    gcc -g prog.c
    gdb ./a.out


    Then at the gdb prompt, type "run"

    When it crashes, you'll be back at the gdb prompt, where you type "bt" to find out where you are, and you can type "print var" to examine variables to see what makes sense and what doesn't.

    Even just posting your "bt" trace would be a big help.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  9. #9
    Algorithm Dissector iMalc's Avatar
    Join Date
    Dec 2005
    Location
    New Zealand
    Posts
    6,318
    This also might be a good time to introduce you to the perils of SQL injection vulnerabilities. Given the unfortunate number of beginners who end up writing production code containing such devastating exploits in the form of SQL injection vulnerability, I'd say it is imperative that even someone just starting out with SQL learn about it straight away.

    With the code you have, you've just granted anyone running the code limitless power over the PC that the database resides on. Typically an attacker can steal the entire contents of your database, wipe your database clean, install malware, and turn the PC into part of a botnet, or whatever else they choose, just by allowing unfiltered user input to make it into a query string. Yes this is serious stuff!
    My homepage
    Advice: Take only as directed - If symptoms persist, please see your debugger

    Linus Torvalds: "But it clearly is the only right way. The fact that everybody else does it some other way only means that they are wrong"

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 3
    Last Post: 11-14-2011, 06:35 PM
  2. wrong wrong with my xor function?
    By Anddos in forum C++ Programming
    Replies: 5
    Last Post: 04-26-2009, 01:38 PM
  3. whats wrong with this? no errors but wrong result
    By InvariantLoop in forum C Programming
    Replies: 6
    Last Post: 01-28-2005, 12:48 AM
  4. Replies: 9
    Last Post: 07-15-2004, 03:30 PM
  5. What am I doing wrong?
    By Jason Spaceman in forum C++ Programming
    Replies: 3
    Last Post: 11-26-2002, 08:15 PM

Tags for this Thread