Home > Blockchain >  c# System.Data.SQLite.SQLiteException: "SQL logic error unrecognized token: '#' "
c# System.Data.SQLite.SQLiteException: "SQL logic error unrecognized token: '#' "

Time:12-28

I want to Capture network traffic and save the ASCII code in my database and I still got this(is it unsupported character in database?):

Unhandled exception. code = Error (1), message = System.Data.SQLite.SQLiteException (0x800007BF): SQL logic error unrecognized token: "#" at System.Data.SQLite.SQLite3.Prepare(SQLiteConnection cnn, String strSql, SQLiteStatement previous, UInt32 timeoutMS, String& strRemain) at System.Data.SQLite.SQLiteCommand.BuildNextCommand() at System.Data.SQLite.SQLiteDataReader.NextResult() at System.Data.SQLite.SQLiteDataReader..ctor(SQLiteCommand cmd, CommandBehavior behave) at System.Data.SQLite.SQLiteCommand.ExecuteReader(CommandBehavior behavior) at System.Data.SQLite.SQLiteCommand.ExecuteNonQuery(CommandBehavior behavior) at CapturingAndParsingPackets.MainClass.Main(String[] args) in C:\Users\Administrator\CSharp\packetnet-master\packetnet-master\Examples\CapturingAndParsingPackets\Main.cs:line 196

here's my code:

try
    {
        string sql = $"insert into log (Time, TYPE, DstIP, DstPort, SrcIP, SrcPort, Flag, TotalPacketLength, AsciiCode) values ('{DateTime.Now.ToString("yyyy'-'MM'-'dd HH:mm:ss")}', 'TCP', '{ipPacket.DestinationAddress}', '{tcpPacket.DestinationPort}', '{ipPacket.SourceAddress}', '{tcpPacket.SourcePort}', '{tcpPacket.Flags}', '{tcpPacket.TotalPacketLength}', '{ipPacket.PrintAscii()}')";
        SQLiteCommand command = new SQLiteCommand(sql, m_dbconnection);
        command.ExecuteNonQuery();
        m_dbconnection.Close();
    }
catch(Exception) //if Ascii code is too long
    { 
    string sql = $"insert into log (Time, TYPE, DstIP, DstPort, SrcIP, SrcPort, Flag, TotalPacketLength, AsciiCode) values ('{DateTime.Now.ToString("yyyy'-'MM'-'dd HH:mm:ss")}', 'TCP', '{ipPacket.DestinationAddress}', '{tcpPacket.DestinationPort}', '{ipPacket.SourceAddress}', '{tcpPacket.SourcePort}', '{tcpPacket.Flags}', '{tcpPacket.TotalPacketLength}', 'Encrypted Code')";
        SQLiteCommand command = new SQLiteCommand(sql, m_dbconnection);
        command.ExecuteNonQuery();
        m_dbconnection.Close();
    }

And this is my database structure:

string sql = "create table log(PacketID INTEGER PRIMARY KEY AUTOINCREMENT, Time DATETIME,"  
                    "TYPE CHAR(6) NULL DEFAULT '', DstIP varchar(15), DstPort INT, SrcIP varchar(15), SrcPort INT, Flag varchar(2), TotalPacketLength INT, AsciiCode BLOB)";
                SQLiteCommand command = new SQLiteCommand(sql, m_dbconnection);
                command.ExecuteNonQuery();

CodePudding user response:

A Simple Wrapper class I provided on another answer.

You should never build a SQL command like you are. You will be open to SQL-Injection which is bad. By working directly with a class structure object that matches your table, this might offer better control and readability without the exposure to injection and bad formatting of string commands.

Page link:https//www.codepudding.com/Blockchain/655478.html

Prev:What is the best and performant way to compare enums in c#?
Next:.NET 6 Blazor Server App - Custom Data Validation Annotation Not Operating Properly
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding