From 3a0df47d4d05f09138ddbc2458de50401b58daa2 Mon Sep 17 00:00:00 2001
From: Darryl Lim <77101164+Owly-dabs@users.noreply.github.com>
Date: Wed, 4 Feb 2026 13:20:39 +0800
Subject: [PATCH] Change ID validation for insert operation to detect non-int
 values

User should not be able to execute an operation as such:
```
db > insert somestring myuser myemail
```
Right now, the user may execute the above command and get the following when using `db > select`:
```
(0, myuser, myemail)
```

`atoi` returns 0 for invalid input. Thus, the invalid `PrepareResult` status `PREPARE_NEGATIVE_ID` should be returned if `int id = 0`.
---
 db.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/db.c b/db.c
index ce3a590..3626d60 100644
--- a/db.c
+++ b/db.c
@@ -630,7 +630,7 @@ PrepareResult prepare_insert(InputBuffer* input_buffer, Statement* statement) {
   }
 
   int id = atoi(id_string);
-  if (id < 0) {
+  if (id <= 0) {
     return PREPARE_NEGATIVE_ID;
   }
   if (strlen(username) > COLUMN_USERNAME_SIZE) {
@@ -1024,7 +1024,7 @@ int main(int argc, char* argv[]) {
       case (PREPARE_SUCCESS):
         break;
       case (PREPARE_NEGATIVE_ID):
-        printf("ID must be positive.\n");
+        printf("ID must be a positive integer.\n");
         continue;
       case (PREPARE_STRING_TOO_LONG):
         printf("String is too long.\n");