On Tue, Feb 22, 2011 at 11:39, Abhilash baddam < [email protected]> wrote:
> myDB.execSQL("DELETE FROM favourites where month= ' "+str+" ' ");
>
> The above statement is working fine, but if the *str* contains an apostrophe
> then I am getting an exception near *'s*. Otherwise it is working; only if the str
> contains an apostrophe ( ' ) am I getting the problem. How can I solve
> this issue?
>

You really should read about SQL Injection security problems.
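The failure described in the question and the fix the reply points toward, as an added example that is not part of the original thread: Python's `sqlite3` module stands in for Android's SQLite so it runs anywhere, and the rows and helper names are constructed for illustration. On Android the same binding is available through `execSQL(String, Object[])` or `delete(table, whereClause, whereArgs)`.

```python
import sqlite3

def make_db():
    """In-memory table named as in the post; the rows are constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE favourites (month TEXT)")
    db.executemany("INSERT INTO favourites VALUES (?)",
                   [("January",), ("St. John's",), ("March",)])
    return db

def delete_concat(db, value):
    """The pattern from the post: the value is pasted into the SQL text."""
    sql = "DELETE FROM favourites WHERE month = '" + value + "'"
    return db.execute(sql).rowcount

def delete_bound(db, value):
    """The value is bound to a placeholder and is never parsed as SQL."""
    return db.execute("DELETE FROM favourites WHERE month = ?", (value,)).rowcount

def remaining(db):
    return db.execute("SELECT COUNT(*) FROM favourites").fetchone()[0]

def demo():
    results = {}
    db = make_db()
    try:
        # The apostrophe ends the string literal early, so the statement no longer parses.
        delete_concat(db, "St. John's")
    except sqlite3.OperationalError as exc:
        results["concat_apostrophe"] = "error: " + str(exc)
    # The same weakness lets a value with quote characters rewrite the WHERE clause.
    delete_concat(db, "x' OR 'a'='a")
    results["concat_rows_left"] = remaining(db)

    db = make_db()
    # With binding, both values are plain data compared against the column.
    results["bound_apostrophe_deleted"] = delete_bound(db, "St. John's")
    results["bound_crafted_deleted"] = delete_bound(db, "x' OR 'a'='a")
    results["bound_rows_left"] = remaining(db)
    return results

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```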

