On Sat, Aug 29, 2009 at 12:25 PM, Nate<[email protected]> wrote: > > How should I be escaping strings for SQLite? I found I was inserting a > string with single quote and this broke. I am now replacing single > quote with two single quotes, but I am wondering what else I should be > escaping, if anything? The SQLite documentation is especially > unhelpful. > > I realize this isn't an Android question, but Android uses SQLite and > you should be escaping if you do anything with that part of the > Android API.
Which API are you talking about exactly? Several of the SQLite related APIs allow you to specify the potentially problematic strings as separate arguments, and will do escaping for you if needed. See http://developer.android.com/reference/android/database/sqlite/SQLiteDatabase.html for example and search the page for 'bindargs', 'selectionargs' and 'whereargs'. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
