On Sep 14, 2017, at 10:27 AM, Jens Alfke <[email protected]> wrote: > > s << "INSERT INTO " << table_name << " (" << data;
You probably just wrote a SQL injection vulnerability.
Use prepared statements, [named] parameters, and the “bind” functions to build
the query string instead.
https://sqlite.org/c3ref/stmt.html
_______________________________________________
sqlite-users mailing list
[email protected]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
