Re: [sqlite] insert statements with user input in bash script

ndetnik Sent: Wednesday, January 29, 2014 3:59 PM To: [email protected] Subject: Re: [sqlite] insert statements with user input in bash script On 1/29/2014 9:30 AM, Raymond van Daelen wrote: > Works! However, see what happens if you type this as user input: Robert'); DROP TABLE

Re: [sqlite] insert statements with user input in bash script

On 1/29/2014 9:30 AM, Raymond van Daelen wrote: Works! However, see what happens if you type this as user input: Robert'); DROP TABLE ga_table; -- See also: http://xkcd.com/327/ -- Igor Tandetnik ___ sqlite-users mailing list [email protected]

Re: [sqlite] insert statements with user input in bash script

. -Original Message- From: [email protected] [mailto:[email protected]] On Behalf Of Igor Tandetnik Sent: Wednesday, January 29, 2014 2:47 PM To: [email protected] Subject: Re: [sqlite] insert statements with user input in bash script On 1/29/2014 8:27

Re: [sqlite] insert statements with user input in bash script

On 1/29/2014 8:27 AM, Raymond van Daelen wrote: NEWVALUE="$TERM" Try single quotes: NEWVALUE='$TERM' -- Igor Tandetnik ___ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

[sqlite] insert statements with user input in bash script

Ls, In a bash script I want to get some user input to be stored in a table #get the user input: echo -n 'give new value for xxx : ' read TERM NEWVALUE="$TERM" # now insert into db sqlite3 $DB.sqlite "insert into ga_table values (1,$NEWVALUE);" but then I get an error: script.sh: line 24: