On Thu, Nov 14, 2013 at 7:58 AM, L. Wood <lwoo...@live.com> wrote:
> Suppose I have a table with one text column. I insert like this:
>
> INSERT INTO my_table (col1) VALUES ('arbitrary UTF-8 string');
>
> * Isn't it true that the string must indeed be surrounded by single quotes
> as I do above?
> * Isn't it true that I have to replace all occurrences of ' in the
> original string with '' (to escape each single quote)?
> * Do I have to do anything else at all?
>
It is safer and faster to use the sqlite3_bind_text() interface.
First prepare your statement like this:
INSERT INTO my_table(col1) VALUES(?1);
Then run:
sqlite3_bind_text(pStmt, 1, zYourString, -1, SQLITE_TRANSIENT);
Then run your statement:
sqlite3_step(pStmt);
Further information: http://www.sqlite.org/c3ref/bind_blob.html
--
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
