You will find the answer to your question if you do as Carlos suggested... Do a google search for "SQL Injection Attack"
On Tue, Feb 22, 2011 at 5:47 AM, Abhilash baddam < [email protected]> wrote: > Hi Carlos, > > Means where exactly i am doing mistake means while > inserting values or deleting the values? > > > On Tue, Feb 22, 2011 at 6:12 PM, Carlos Silva <[email protected]> wrote: > >> On Tue, Feb 22, 2011 at 11:39, Abhilash baddam < >> [email protected]> wrote: >> >>> myDB.execSQL(DELETE FROM favourites where month= ' "+str+" ' "); >>> >>> the above statement is working fine but if the *str* contains apostrophe >>> then i am getting exception near *'s. *Otherwise working only if the str >>> contains apostrophe( ' ) then only i am getting problem..?How can i solve >>> this issue...? >>> >> >> You really should read about SQL Injection security problems. >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Android Developers" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/android-developers?hl=en >> > > -- > You received this message because you are subscribed to the Google > Groups "Android Developers" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/android-developers?hl=en > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
