# FMDB v2.6.2 This is an Objective-C wrapper around SQLite: http://sqlite.org/ ## The FMDB Mailing List: http://groups.google.com/group/fmdb ## Read the SQLite FAQ: http://www.sqlite.org/faq.html Since FMDB is built on top of SQLite, you're going to want to read this page top to bottom at least once. And while you're there, make sure to bookmark the SQLite Documentation page: http://www.sqlite.org/docs.html ## Contributing Do you have an awesome idea that deserves to be in FMDB? You might consider pinging ccgus first to make sure he hasn't already ruled it out for some reason. Otherwise pull requests are great, and make sure you stick to the local coding conventions. However, please be patient and if you haven't heard anything from ccgus for a week or more, you might want to send a note asking what's up. ## CocoaPods [![Dependency Status](https://www.versioneye.com/objective-c/fmdb/2.3/badge.svg?style=flat)](https://www.versioneye.com/objective-c/fmdb/2.3) [![Reference Status](https://www.versioneye.com/objective-c/fmdb/reference_badge.svg?style=flat)](https://www.versioneye.com/objective-c/fmdb/references) FMDB can be installed using [CocoaPods](https://cocoapods.org/). ```ruby pod 'FMDB' # pod 'FMDB/FTS' # FMDB with FTS # pod 'FMDB/standalone' # FMDB with latest SQLite amalgamation source # pod 'FMDB/standalone/FTS' # FMDB with latest SQLite amalgamation source and FTS # pod 'FMDB/SQLCipher' # FMDB with SQLCipher ``` **If using FMDB with [SQLCipher](https://www.zetetic.net/sqlcipher/) you must use the FMDB/SQLCipher subspec. The FMDB/SQLCipher subspec declares SQLCipher as a dependency, allowing FMDB to be compiled with the `-DSQLITE_HAS_CODEC` flag.** ## FMDB Class Reference: http://ccgus.github.io/fmdb/html/index.html ## Automatic Reference Counting (ARC) or Manual Memory Management? You can use either style in your Cocoa project. FMDB will figure out which you are using at compile time and do the right thing. ## Usage There are three main classes in FMDB: 1. `FMDatabase` - Represents a single SQLite database. Used for executing SQL statements. 2. `FMResultSet` - Represents the results of executing a query on an `FMDatabase`. 3. `FMDatabaseQueue` - If you're wanting to perform queries and updates on multiple threads, you'll want to use this class. It's described in the "Thread Safety" section below. ### Database Creation An `FMDatabase` is created with a path to a SQLite database file. This path can be one of these three: 1. A file system path. The file does not have to exist on disk. If it does not exist, it is created for you. 2. An empty string (`@""`). An empty database is created at a temporary location. This database is deleted with the `FMDatabase` connection is closed. 3. `NULL`. An in-memory database is created. This database will be destroyed with the `FMDatabase` connection is closed. (For more information on temporary and in-memory databases, read the sqlite documentation on the subject: http://www.sqlite.org/inmemorydb.html) ```objc NSString *path = [NSTemporaryDirectory() stringByAppendingPathComponent:@"tmp.db"]; FMDatabase *db = [FMDatabase databaseWithPath:path]; ``` ### Opening Before you can interact with the database, it must be opened. Opening fails if there are insufficient resources or permissions to open and/or create the database. ```objc if (![db open]) { // [db release]; // uncomment this line in manual referencing code; in ARC, this is not necessary/permitted db = nil; return; } ``` ### Executing Updates Any sort of SQL statement which is not a `SELECT` statement qualifies as an update. This includes `CREATE`, `UPDATE`, `INSERT`, `ALTER`, `COMMIT`, `BEGIN`, `DETACH`, `DELETE`, `DROP`, `END`, `EXPLAIN`, `VACUUM`, and `REPLACE` statements (plus many more). Basically, if your SQL statement does not begin with `SELECT`, it is an update statement. Executing updates returns a single value, a `BOOL`. A return value of `YES` means the update was successfully executed, and a return value of `NO` means that some error was encountered. You may invoke the `-lastErrorMessage` and `-lastErrorCode` methods to retrieve more information. ### Executing Queries A `SELECT` statement is a query and is executed via one of the `-executeQuery...` methods. Executing queries returns an `FMResultSet` object if successful, and `nil` upon failure. You should use the `-lastErrorMessage` and `-lastErrorCode` methods to determine why a query failed. In order to iterate through the results of your query, you use a `while()` loop. You also need to "step" from one record to the other. With FMDB, the easiest way to do that is like this: ```objc FMResultSet *s = [db executeQuery:@"SELECT * FROM myTable"]; while ([s next]) { //retrieve values for each record } ``` You must always invoke `-[FMResultSet next]` before attempting to access the values returned in a query, even if you're only expecting one: ```objc FMResultSet *s = [db executeQuery:@"SELECT COUNT(*) FROM myTable"]; if ([s next]) { int totalCount = [s intForColumnIndex:0]; } ``` `FMResultSet` has many methods to retrieve data in an appropriate format: - `intForColumn:` - `longForColumn:` - `longLongIntForColumn:` - `boolForColumn:` - `doubleForColumn:` - `stringForColumn:` - `dateForColumn:` - `dataForColumn:` - `dataNoCopyForColumn:` - `UTF8StringForColumnName:` - `objectForColumnName:` Each of these methods also has a `{type}ForColumnIndex:` variant that is used to retrieve the data based on the position of the column in the results, as opposed to the column's name. Typically, there's no need to `-close` an `FMResultSet` yourself, since that happens when either the result set is deallocated, or the parent database is closed. ### Closing When you have finished executing queries and updates on the database, you should `-close` the `FMDatabase` connection so that SQLite will relinquish any resources it has acquired during the course of its operation. ```objc [db close]; ``` ### Transactions `FMDatabase` can begin and commit a transaction by invoking one of the appropriate methods or executing a begin/end transaction statement. ### Multiple Statements and Batch Stuff You can use `FMDatabase`'s executeStatements:withResultBlock: to do multiple statements in a string: ```objc NSString *sql = @"create table bulktest1 (id integer primary key autoincrement, x text);" "create table bulktest2 (id integer primary key autoincrement, y text);" "create table bulktest3 (id integer primary key autoincrement, z text);" "insert into bulktest1 (x) values ('XXX');" "insert into bulktest2 (y) values ('YYY');" "insert into bulktest3 (z) values ('ZZZ');"; success = [db executeStatements:sql]; sql = @"select count(*) as count from bulktest1;" "select count(*) as count from bulktest2;" "select count(*) as count from bulktest3;"; success = [self.db executeStatements:sql withResultBlock:^int(NSDictionary *dictionary) { NSInteger count = [dictionary[@"count"] integerValue]; XCTAssertEqual(count, 1, @"expected one record for dictionary %@", dictionary); return 0; }]; ``` ### Data Sanitization When providing a SQL statement to FMDB, you should not attempt to "sanitize" any values before insertion. Instead, you should use the standard SQLite binding syntax: ```sql INSERT INTO myTable VALUES (?, ?, ?, ?) ``` The `?` character is recognized by SQLite as a placeholder for a value to be inserted. The execution methods all accept a variable number of arguments (or a representation of those arguments, such as an `NSArray`, `NSDictionary`, or a `va_list`), which are properly escaped for you. And, to use that SQL with the `?` placeholders from Objective-C: ```objc NSInteger identifier = 42; NSString *name = @"Liam O'Flaherty (\"the famous Irish author\")"; NSDate *date = [NSDate date]; NSString *comment = nil; BOOL success = [db executeUpdate:@"INSERT INTO authors (identifier, name, date, comment) VALUES (?, ?, ?, ?)", @(identifier), name, date, comment ?: [NSNull null]]; if (!success) { NSLog(@"error = %@", [db lastErrorMessage]); } ``` > **Note:** Fundamental data types, like the `NSInteger` variable `identifier`, should be as a `NSNumber` objects, achieved by using the `@` syntax, shown above. Or you can use the `[NSNumber numberWithInt:identifier]` syntax, too. > > Likewise, SQL `NULL` values should be inserted as `[NSNull null]`. For example, in the case of `comment` which might be `nil` (and is in this example), you can use the `comment ?: [NSNull null]` syntax, which will insert the string if `comment` is not `nil`, but will insert `[NSNull null]` if it is `nil`. In Swift, you would use `executeUpdate(values:)`, which not only is a concise Swift syntax, but also `throws` errors for proper Swift 2 error handling: ```swift do { let identifier = 42 let name = "Liam O'Flaherty (\"the famous Irish author\")" let date = NSDate() let comment: String? = nil try db.executeUpdate("INSERT INTO authors (identifier, name, date, comment) VALUES (?, ?, ?, ?)", values: [identifier, name, date, comment ?? NSNull()]) } catch { print("error = \(error)") } ``` > **Note:** In Swift, you don't have to wrap fundamental numeric types like you do in Objective-C. But if you are going to insert an optional string, you would probably use the `comment ?? NSNull()` syntax (i.e., if it is `nil`, use `NSNull`, otherwise use the string). Alternatively, you may use named parameters syntax: ```sql INSERT INTO authors (identifier, name, date, comment) VALUES (:identifier, :name, :date, :comment) ``` The parameters *must* start with a colon. SQLite itself supports other characters, but internally the dictionary keys are prefixed with a colon, do **not** include the colon in your dictionary keys. ```objc NSDictionary *arguments = @{@"identifier": @(identifier), @"name": name, @"date": date, @"comment": comment ?: [NSNull null]}; BOOL success = [db executeUpdate:@"INSERT INTO authors (identifier, name, date, comment) VALUES (:identifier, :name, :date, :comment)" withParameterDictionary:arguments]; if (!success) { NSLog(@"error = %@", [db lastErrorMessage]); } ``` The key point is that one should not use `NSString` method `stringWithFormat` to manually insert values into the SQL statement, itself. Nor should one Swift string interpolation to insert values into the SQL. Use `?` placeholders for values to be inserted into the database (or used in `WHERE` clauses in `SELECT` statements).