Re: [sqlite] User input checking

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 22/03/12 22:57, Steinar Midtskogen wrote: > I'm planning to allow users to make database queries through a web > page. I'm thinking of letting the user provide the string that goes > between SELECT and FROM using the sqlite3 command tool, but

Re: [sqlite] User input checking

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I also forgot to mention doing all that stuff on a second connection. Open that one read-only (SQLITE_OPEN_READONLY). You can also double check a statement makes no changes: http://www.sqlite.org/c3ref/stmt_readonly.htmla Roger -BEGIN PGP

[sqlite] xBestIndex/xFilter Bug(?) when using LIKE "F%"

I have a virtual table implementation, that implements the xBestIndex/xFilter funktions and I found the following problem: This query SELECT * FROM vf WHERE field LIKE "F%"; will result in a call to xBestIndex with the following constraint field >= ... AND field < ... when SQLITE calls

[sqlite] Could/should Windows build of SQLite use #define WIN32_LEAN_AND_MEAN?

When building using the SQLite amalgamation, I noticed Windows.h being included without #define WIN32_LEAN_AND_MEAN. This includes a lot of extraneous "cruft". Any reason not to trim down the windows build this way? ___ sqlite-users mailing list

Re: [sqlite] Could/should Windows build of SQLite use #define WIN32_LEAN_AND_MEAN?

Hello Jeff, Isn't that just a build time thing? Include fewer includes during the compile? I just don't build sqlite often enough to seem to think this matters. Pretty sure this has no impact on the ultimate size of the code generated. Friday, March 23, 2012, 7:51:36 AM, you wrote: JR>

Re: [sqlite] User input checking

Ruby on Rails -- ActiveRecord. ActiveRecord prevents sql injections, I think. Using ERB in the html would give you that kind of functionality. Correct? dvn On Fri, Mar 23, 2012 at 2:49 AM, Roger Binns wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I also

[sqlite] Core Data

Hello, Not sure if this question belongs here, let me know if it doesn't. It can also be answered here http://stackoverflow.com/questions/9808284/why-does-manually-implementing-a-hash-tag-give-a-performance-boost-to-my-queries and I'll cross post relevant info to stackoverflow if I receive it. I

[sqlite] Blob Data Assignments

Hi I'm new to SQLite, coming from an Access/VB background. Having moved over to Linux I'm now developing an application using Gambas. One of the requirements is to store a scanned document (PDF) in a record as a blob, along with its metadata. I've no problem selecting the document, but I'm

Re: [sqlite] Blob Data Assignments

On 23 Mar 2012, at 4:29pm, Nigel Verity wrote: > I'm new to SQLite, coming from an Access/VB background. Having moved over to > Linux I'm now developing an application using Gambas. One of the requirements > is to store a scanned document (PDF) in a record as a blob,

Re: [sqlite] Blob Data Assignments

Nigel Verity wrote: > I'm new to SQLite, coming from an Access/VB background. Having moved over to > Linux I'm now developing an application using > Gambas. One of the requirements is to store a scanned document (PDF) in a > record as a blob, along with its metadata.

[sqlite] Sqlite error message

I got a error message "could not prepare statement (1 no such table: LivroDaBiblia) (Code 5)" trying the following code on executeSQL SELECT.. The message was captured at console.log of CHROME When I use command line shell it works fine. The table is OK with 66 lines. Anyone can help me??

Re: [sqlite] Core Data

On Fri, Mar 23, 2012 at 11:26 AM, Kristof Van Landschoot wrote: > Not sure if this question belongs here, let me know if it doesn't. It > can also be answered here >

Re: [sqlite] Sqlite error message

On 23 Mar 2012, at 5:46pm, Waltênio de Bessa Mendes wrote: > I got a error message "could not prepare statement (1 no such table: > LivroDaBiblia) (Code 5)" Make sure you're opening the correct database file. Try specifying the full path to the file. Simon.

Re: [sqlite] Sqlite error message

You may want to add "FailIfMissing=true" to your connection string. It always surprises me when I successfully connect to a database and then an attempt to read from a table that I know durn well is there fails. RobR -Original Message- From: sqlite-users-boun...@sqlite.org

Re: [sqlite] User input checking

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 23/03/12 06:33, Don V Nielsen wrote: > Ruby on Rails -- ActiveRecord. ActiveRecord prevents sql injections, > I think. Using ERB in the html would give you that kind of > functionality. Correct? I don't see the relevance of your comment. The

Re: [sqlite] Could/should Windows build of SQLite use #define WIN32_LEAN_AND_MEAN?

On March 23, Jeff Robbins wrote: When building using the SQLite amalgamation, I noticed Windows.h being included without #define WIN32_LEAN_AND_MEAN. This includes a lot of extraneous "cruft". Any reason not to trim down the windows build this way? There is no real reason not to do that.

Re: [sqlite] Core Data

Kristof Van Landschoot wrote: > Why doesn't sqlite implement a hash tag on strings itself when there is an > index? Because a hash would only help with conditions of the form "textField = ?", while the kind of b-tree index that SQLite utilizes also works for "textField >

Re: [sqlite] Could/should Windows build of SQLite use #define

While #define WINDOWS_LEAN_AND_MEAN is only a compile-time setting, it trims down extraneous #defines that Windows.h creates that can interfere with reasonable uses of SQLite, such as the excellent APSW extension for Python: The problem I happened upon was trying to build a Python extension