Dixon Hutchinson
<sqlite-491LjFE5FnHkPponyUOvwgC/[EMAIL PROTECTED]> wrote:
I am having a problem with single quotes in a C program.
Consider a simple table
CREATE TABLE t(comp TEXT);
Lets say I use sqlite3_prepare to prepare the following string:
"SELECT rowid FROM table WHERE comp=?;"
Shouldn't that be
SELECT rowid FROM t WHERE comp=?;
Should I be calling sqlite3_mprintf("abc'def") and passing that string
off to bind?
No you shouldn't. You should pass the text to sqlite3_bind_text as is,
with no escaping. The problem is elsewhere.
Igor Tandetnik
-----------------------------------------------------------------------------
To unsubscribe, send email to [EMAIL PROTECTED]
-----------------------------------------------------------------------------
