#include "Database.h" // if (!_db.CheckSyntax(req)) // { // wxString s = req; // std::cout << s.mb_str() << " is invalid !\n" ; // code_if_syntax_fail; // return return_value; // } #define EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, code_if_fail, code_if_syntax_fail) \ do{\ try\ {\ _db.ExecuteUpdate(req);\ }\ catch (wxSQLite3Exception e)\ {\ std::cerr << req.mb_str() << "\n" ;\ std::cerr << e.GetMessage().mb_str() << "\n" ;\ code_if_fail; \ return return_value;\ }\ } while(0); #define EXECUTE_SQL_QUERY_WITH_CODE(req, res, return_value, code_if_fail, code_if_syntax_fail) \ do{\ try\ {\ res = _db.ExecuteQuery(req);\ }\ catch (wxSQLite3Exception e)\ {\ std::cerr << req.mb_str() << "\n" ;\ std::cerr << e.GetMessage().mb_str() << "\n" ;\ code_if_fail; \ return return_value;\ }\ } while(0); #define EXECUTE_SQL_QUERY(req, res, return_value) EXECUTE_SQL_QUERY_WITH_CODE(req, res, return_value, {}, {}) #define EXECUTE_SQL_UPDATE(req, return_value) EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, {}, {}) static inline wxString DoubleToString(double d) { wxString res; res = wxString::Format(wxT("%.2lf"), d); res.Replace(wxT(","), wxT(".")); return res; } Database::Database() { std::ifstream bdd_file; bdd_file.open(BDD_FILE); if (!bdd_file) { CreateDatabase(); } else _db.Open(wxT(BDD_FILE)); bdd_file.close(); } void Database::CreateDatabase() { std::ifstream init_script; std::string line; wxString wxline; wxMessageBox(_("No database found, creating a new one"), wxT("KissCount"), wxICON_EXCLAMATION | wxOK ); init_script.open(INIT_SCRIPT); if (!init_script) { wxMessageBox(_(INIT_SCRIPT " not found, aborting"), _("Error"), wxICON_ERROR | wxOK ); throw "init.sql not found, aborting"; } _db.Open(wxT(BDD_FILE)); do { getline(init_script, line); wxline = wxString(line.c_str(), wxConvUTF8); wxline.Trim(false); if (!wxline.Length() || wxline.StartsWith(wxT("--"))) continue; if (!_db.CheckSyntax(wxline)) { std::cout << line << " is invalid !\n" ; continue; } try { _db.ExecuteUpdate(wxline); } catch (...) { wxMessageBox(_("Error creating original database"), _("Error"), wxICON_ERROR | wxOK ); remove(BDD_FILE); throw line; } } while (init_script); init_script.close(); } wxString Database::HashPassword(wxString password) { blk_SHA_CTX sha_ctx; unsigned char sha[20]; wxString wxSHA; blk_SHA1_Init(&sha_ctx); blk_SHA1_Update(&sha_ctx, password.c_str(), password.Length()); blk_SHA1_Final(sha, &sha_ctx); for(int i=0; i<20; i++) wxSHA += wxString::Format(wxT("%02x"), (int)sha[i]); return wxSHA; } std::list Database::GetUsers() { std::list res; wxString req; // Check whether value exists in table wxSQLite3ResultSet set ; req = wxT("SELECT name FROM user ORDER BY name"); EXECUTE_SQL_QUERY(req, set, res); while (set.NextRow()) { res.push_front(set.GetAsString(0)); } set.Finalize(); return res; } bool Database::IsValidUser(wxString user, wxString password) { bool res; wxString req; wxSQLite3ResultSet set; req = wxT("SELECT name FROM user WHERE name='") + user + wxT("' AND password='") + HashPassword(password) + wxT("'"); EXECUTE_SQL_QUERY(req, set, false); res = set.NextRow() ; set.Finalize(); return res; } User* Database::LoadUser(wxString name) { wxSQLite3ResultSet set; wxString req; User* user; struct Account account; struct category category; std::vector::iterator it; req = wxT("SELECT * FROM user WHERE name='") + name + wxT("'"); EXECUTE_SQL_QUERY(req, set, NULL); if (!set.NextRow()) return NULL; user = new User(); user->_id = set.GetAsString(wxT("id")); user->_name = set.GetAsString(wxT("name")); user->_password = wxT("") ; // Security reasons set.GetAsString("password"); set.Finalize(); req = wxT("SELECT * FROM account WHERE user='") + user->_id + wxT("' ORDER BY default_account DESC, name ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { account.id = set.GetAsString(wxT("id")); account.name = set.GetAsString(wxT("name")); account.number = set.GetAsString(wxT("number")); account.shared = set.GetBool(wxT("shared")); account._default = set.GetBool(wxT("default_account")); user->_accounts.push_back(account); } set.Finalize(); if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = wxT("SELECT DISTINCT year FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("'"); req += wxT(" ORDER BY year ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { user->_operations[set.GetInt(wxT("year"))] = NULL; } set.Finalize(); } req = wxT("SELECT * FROM category WHERE user='") + user->_id + wxT("' ORDER BY name ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) { category.id = set.GetAsString(wxT("id")); category.parent = set.GetAsString(wxT("parent")); category.name = set.GetAsString(wxT("name")); category.color = wxColour(set.GetAsString(wxT("color"))); category.font = set.GetAsString(wxT("font")); if (category.name != wxT("Fixe")) user->_categories.push_back(category); else user->_categories.insert(user->_categories.begin(), category); } set.Finalize(); req = wxT("SELECT name, value FROM preference WHERE user='") + user->_id + wxT("' ORDER BY value ASC"); EXECUTE_SQL_QUERY_WITH_CODE(req, set, NULL, {delete user;}, {delete user;}); while (set.NextRow()) user->_preferences[set.GetAsString(wxT("name"))] = set.GetAsString(wxT("value")); set.Finalize(); return user; } void Database::LoadYear(User* user, int year) { wxSQLite3ResultSet set; wxString req; std::vector::iterator it; if (user->_operations[year] == NULL) user->_operations[year] = new std::map >(); if (!user->_accounts.size()) return; it = user->_accounts.begin(); req = wxT("SELECT * FROM operation WHERE (account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("')"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), year) + wxT("'"); req += wxT(" ORDER BY fix_cost DESC, year,month,day ASC"); EXECUTE_SQL_QUERY(req, set, ); while (set.NextRow()) { operation op; op.id = set.GetAsString(wxT("id")); op.account = set.GetAsString(wxT("account")); op.day = set.GetInt(wxT("day")); op.month = set.GetInt(wxT("month")); op.year = set.GetInt(wxT("year")); op.amount = set.GetDouble(wxT("amount")); op.description = set.GetAsString(wxT("description")); op.category = set.GetAsString(wxT("category")); op.fix_cost = set.GetBool(wxT("fix_cost")); op.checked = set.GetBool(wxT("checked")); (*user->_operations[op.year])[op.month].push_back(op); } set.Finalize(); } double Database::GetAccountAmount(wxString id, int month, int year) { wxSQLite3ResultSet set; wxString req; double res; req = wxT("SELECT amount FROM account_amount WHERE account='") + id ; req += wxT("' AND month='") + wxString::Format(wxT("%d"), month); req += wxT("' AND year='") + wxString::Format(wxT("%d"), year); req += wxT("'"); EXECUTE_SQL_QUERY(req , set, 0.0); if (set.NextRow()) res = set.GetDouble(wxT("amount")); else { SetAccountAmount(month, year, id, 0.0); res = 0.0; } set.Finalize(); return res; } void Database::UpdateOperation(struct operation op) { wxString req; req = wxT("UPDATE operation SET ") ; req += wxT("account='") + op.account + wxT("'"); req += wxT(", year='") + wxString::Format(wxT("%d"), op.year) + wxT("'"); req += wxT(", month='") + wxString::Format(wxT("%d"), op.month) + wxT("'"); req += wxT(", day='") + wxString::Format(wxT("%d"), op.day) + wxT("'"); req += wxT(", amount='") + DoubleToString(op.amount) + wxT("'"); req += wxT(", description=\"") + op.description + wxT("\""); req += wxT(", category='") + op.category + wxT("'"); if (op.checked) req += wxT(", checked='1'"); else req += wxT(", checked='0'"); req += wxT(" WHERE id='") + op.id + wxT("'"); //std::cout << req.mb_str() << "\n"; EXECUTE_SQL_UPDATE(req, ); } wxString Database::AddOperation(User* user, struct operation op) { wxString req, res; wxSQLite3ResultSet set; req = wxT("INSERT INTO operation ('user', 'account', 'year', 'month', 'day', 'amount', 'description', 'category', 'fix_cost') VALUES ('") ; req += user->_id + wxT("'"); req += wxT(", '") + op.account + wxT("'"); req += wxT(", '") + wxString::Format(wxT("%d"), op.year) + wxT("'"); req += wxT(", '") + wxString::Format(wxT("%d"), op.month) + wxT("'"); req += wxT(", '") + wxString::Format(wxT("%d"), op.day) + wxT("'"); req += wxT(", '") + DoubleToString(op.amount) + wxT("'"); req += wxT(", \"") + op.description + wxT("\""); req += wxT(", '") + op.category + wxT("'"); if (op.fix_cost) req += wxT(", '1'") ; else req += wxT(", '0'") ; req += wxT(")"); EXECUTE_SQL_UPDATE(req, wxT("0")); req = wxT("SELECT id FROM operation WHERE "); req += wxT("user='") + user->_id + wxT("'"); req += wxT(" AND account='") + op.account + wxT("'"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), op.year) + wxT("'"); req += wxT(" AND month='") + wxString::Format(wxT("%d"), op.month) + wxT("'"); req += wxT(" AND day='") + wxString::Format(wxT("%d"), op.day) + wxT("'"); req += wxT(" AND amount='") + DoubleToString(op.amount) + wxT("'"); req += wxT(" AND description=\"") + op.description + wxT("\""); req += wxT(" AND category='") + op.category + wxT("'"); if (op.fix_cost) req += wxT(" AND fix_cost='1'") ; else req += wxT(" AND fix_cost='0'") ; req += wxT("ORDER BY ID DESC") ; EXECUTE_SQL_QUERY(req , set, wxT("0")); if (set.NextRow()) res = set.GetAsString(wxT("id")); else res = wxT("0"); set.Finalize(); return res; } void Database::DeleteOperation(struct operation op) { wxString req; req = wxT("DELETE FROM operation WHERE id='") + op.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::DeleteOperations(User* user, int month, int year) { wxString req; std::vector::iterator it; it = user->_accounts.begin(); req = wxT("DELETE FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), year) + wxT("'"); if (month != -1) req += wxT(" AND month='") + wxString::Format(wxT("%d"), month) + wxT("'"); EXECUTE_SQL_UPDATE(req, ); it = user->_accounts.begin(); req = wxT("DELETE FROM operation WHERE (account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("')"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), year) + wxT("'"); if (month != -1) req += wxT(" AND month='") + wxString::Format(wxT("%d"), month) + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::SetAccountAmount(int month, int year, wxString accountId, double amount) { wxString req; req = wxT("UPDATE account_amount SET ") ; req += wxT("amount='") + DoubleToString(amount) + wxT("'"); req += wxT(" WHERE account='") + accountId + wxT("'"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), year) + wxT("'"); req += wxT(" AND month='") + wxString::Format(wxT("%d"), month) + wxT("'"); try { if (!_db.ExecuteUpdate(req)) { req = wxT("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += accountId + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), year) + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), month) + wxT("'"); req += wxT(" ,'") + DoubleToString(amount) + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); } } catch (wxSQLite3Exception e) { std::cerr << req.mb_str() << "\n" ; std::cerr << e.GetMessage().mb_str() << "\n" ; return ; } } wxString Database::AddAccount(User* user, struct Account ac) { wxString req, res; wxSQLite3ResultSet set; req = wxT("INSERT INTO account ('user', 'name', 'number', 'shared', 'default_account') VALUES ('") ; req += user->_id + wxT("'"); req += wxT(", '") + ac.name + wxT("'"); req += wxT(", '") + ac.number + wxT("'"); if (ac.shared) req += wxT(", '1'") ; else req += wxT(", '0'") ; if (ac._default) req += wxT(", '1'") ; else req += wxT(", '0'") ; req += wxT(")"); EXECUTE_SQL_UPDATE(req, wxT("0")); req = wxT("SELECT id FROM account WHERE name='") + ac.name + wxT("'") ; req += wxT("AND user='") + user->_id + wxT("'"); EXECUTE_SQL_QUERY(req , set, wxT("0")); if (set.NextRow()) res = set.GetAsString(wxT("id")); else res = wxT("0"); set.Finalize(); return res; } void Database::UpdateAccount(struct Account ac) { wxString req; req = wxT("UPDATE account SET ") ; req += wxT("name='") + ac.name + wxT("'"); req += wxT(", number='") + ac.number + wxT("'"); if (ac.shared) req += wxT(", shared='1'"); else req += wxT(", shared='0'"); if (ac._default) req += wxT(", default_account='1'"); else req += wxT(", default_account='0'"); req += wxT(" WHERE id='") + ac.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::DeleteAccount(struct Account ac) { wxString req; req = wxT("DELETE FROM account WHERE id='") + ac.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } wxString Database::AddCategory(User* user, struct category category) { wxString req, res; wxSQLite3ResultSet set; wxString color; color = wxT("#") ; color += wxString::Format(wxT("%02X"), category.color.Red()); color += wxString::Format(wxT("%02X"), category.color.Green()); color += wxString::Format(wxT("%02X"), category.color.Blue()); req = wxT("INSERT INTO category ('user', 'parent', 'name', 'color', font) VALUES ('") ; req += user->_id + wxT("'"); req += wxT(", '") + category.parent + wxT("'"); req += wxT(", '") + category.name + wxT("'"); req += wxT(", '") + color + wxT("'"); req += wxT(", '") + category.font + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, wxT("0")); req = wxT("SELECT id FROM preference WHERE user='") + user->_id + wxT("'") ; req += wxT(" AND name='") + category.name + wxT("'"); EXECUTE_SQL_QUERY(req , set, wxT("0")); if (set.NextRow()) res = set.GetAsString(wxT("id")); else res = wxT("0"); set.Finalize(); return res; } void Database::UpdateCategory(struct category category) { wxString req; wxString color; color = wxT("#") ; color += wxString::Format(wxT("%02X"), category.color.Red()); color += wxString::Format(wxT("%02X"), category.color.Green()); color += wxString::Format(wxT("%02X"), category.color.Blue()); req = wxT("UPDATE category SET") ; req += wxT(" parent='") + category.parent + wxT("'"); req += wxT(", name='") + category.name + wxT("'"); req += wxT(", color='") + color + wxT("'"); req += wxT(", font='") + category.font + wxT("'"); req += wxT(" WHERE id='") + category.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::DeleteCategory(User* user, struct category category) { wxString req; req = wxT("DELETE FROM category WHERE id='") + category.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); req = wxT("UPDATE category SET") ; req += wxT(" parent='0'"); req += wxT(" WHERE parent='") + category.id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } std::map > Database::GetAllOperations(User* user) { wxString req; wxSQLite3ResultSet set, set2; std::vector::iterator it; std::map > res; int year; if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = wxT("SELECT DISTINCT year FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("'"); req += wxT(" ORDER BY year ASC"); EXECUTE_SQL_QUERY(req, set, res); while (set.NextRow()) { year = set.GetInt(wxT("year")); it = user->_accounts.begin(); req = wxT("SELECT DISTINCT month FROM operation WHERE (account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("')"); req += wxT(" AND year='") + set.GetAsString(wxT("year")) + wxT("'"); req += wxT(" ORDER BY month ASC"); EXECUTE_SQL_QUERY(req, set2, res); while (set2.NextRow()) { res[year].push_back(set2.GetInt(wxT("month"))); } set2.Finalize(); } set.Finalize(); } return res; } void Database::GenerateMonth(User* user, int monthFrom, int yearFrom, int monthTo, int yearTo) { std::vector::iterator it; wxString req; wxSQLite3ResultSet set; double amount; if (monthFrom == -1 || yearFrom == -1) { for (it = user->_accounts.begin(); it != user->_accounts.end(); it++) { req = wxT("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += it->id + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), yearTo) + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), monthTo) + wxT("'"); req += wxT(" ,'0.0'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); } return; } for (it = user->_accounts.begin(); it != user->_accounts.end(); it++) { amount = 0.0; req = wxT("SELECT amount FROM operation WHERE") ; req += wxT(" account='") + it->id + wxT("'"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), yearFrom) + wxT("'"); req += wxT(" AND month='") + wxString::Format(wxT("%d"), monthFrom) + wxT("'"); EXECUTE_SQL_QUERY(req, set, ); while (set.NextRow()) amount += set.GetDouble(wxT("amount")); req = wxT("SELECT amount FROM account_amount WHERE") ; req += wxT(" account='") + it->id + wxT("'"); req += wxT(" AND year='") + wxString::Format(wxT("%d"), yearFrom) + wxT("'"); req += wxT(" AND month='") + wxString::Format(wxT("%d"), monthFrom) + wxT("'"); EXECUTE_SQL_QUERY(req, set, ); if (set.NextRow()) amount += set.GetDouble(wxT("amount")); req = wxT("INSERT INTO account_amount ('account', 'year', 'month', 'amount') VALUES ('") ; req += it->id + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), yearTo) + wxT("'"); req += wxT(" ,'") + wxString::Format(wxT("%d"), monthTo) + wxT("'"); req += wxT(" ,'") + DoubleToString(amount) + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); } } void Database::ChangePassword(User* user, wxString password) { wxString req; req = wxT("UPDATE user SET ") ; req += wxT("password='") + HashPassword(password) + wxT("'"); req += wxT(" WHERE name='") + user->_name + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } bool Database::UserExists(wxString name) { wxSQLite3ResultSet set; wxString req; bool res=false; req = wxT("SELECT name FROM user WHERE name='") + name + wxT("'") ; EXECUTE_SQL_QUERY(req , set, false); if (set.NextRow()) res = true; else res = false; set.Finalize(); return res; } void Database::ChangeName(User* user, wxString name) { wxString req; req = wxT("UPDATE user SET ") ; req += wxT("name='") + name + wxT("'"); req += wxT(" WHERE name='") + user->_name + wxT("'"); EXECUTE_SQL_UPDATE(req, ); } void Database::NewUser(wxString name) { wxString req, id; wxSQLite3ResultSet set; req = wxT("INSERT INTO user ('name', 'password') VALUES ('") ; req += name + wxT("'"); req += wxT(", '") + HashPassword(wxT("")) + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); req = wxT("SELECT id FROM user WHERE "); req += wxT("name='") + name + wxT("'"); EXECUTE_SQL_QUERY(req , set, ); set.NextRow(); id = set.GetAsString(wxT("id")); set.Finalize(); req = wxT("SELECT * FROM default_preference"); EXECUTE_SQL_QUERY(req, set,); while (set.NextRow()) { req = wxT("INSERT INTO preference ('user', 'name', 'value') VALUES ('") ; req += id + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("type")) + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("value")) + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); } set.Finalize(); req = wxT("SELECT * FROM default_category"); EXECUTE_SQL_QUERY(req, set,); while (set.NextRow()) { req = wxT("INSERT INTO category ('user', 'parent', 'name', 'color', 'font') VALUES ('") ; req += id + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("parent")) + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("name")) + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("color")) + wxT("'"); req += wxT(", '") + set.GetAsString(wxT("font")) + wxT("'"); req += wxT(")"); EXECUTE_SQL_UPDATE(req, ); } set.Finalize(); return ; } /* Shared accounts not currently supported */ void Database::KillMe(User* user) { wxString req; std::vector::iterator it; req = wxT("DELETE FROM preference WHERE user='") + user->_id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); if (!user->_accounts.empty()) { it = user->_accounts.begin(); req = wxT("DELETE FROM account_amount WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); EXECUTE_SQL_UPDATE(req, ); it = user->_accounts.begin(); req = wxT("DELETE FROM operation WHERE account IN('") + it->id; it++; for (;it != user->_accounts.end(); it++) { req += wxT("', '") + it->id ; } req += wxT("')"); req += wxT(" OR user='") + user->_id + wxT("')"); EXECUTE_SQL_UPDATE(req, ); } req = wxT("DELETE FROM account WHERE user='") + user->_id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); req = wxT("DELETE FROM category WHERE user='") + user->_id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); req = wxT("DELETE FROM user WHERE id='") + user->_id + wxT("'"); EXECUTE_SQL_UPDATE(req, ); }