On 5 Oct 2017, at 7:45pm, Stephen Chrzanowski <pontia...@gmail.com> wrote:

> I wanted to bind :OrderBy with field names and conditions based on user
> preferences

Binding is to values, not to column names.  If you have one ORDER BY parameter, 
you can only bind it to a value.  If you want a WHERE parameter you cannot bind 
a column name, you have to bind a value.

It looks like you need to create a string for the entire command rather than 
just binding values.  This, of course, introduces security problems if you 
allow your users to set substrings themselves rather than picking them from 
lists you prepare.

sqlite-users mailing list

Reply via email to