This is my first foray into PDO-SQLite and I saw samples using binding,
I am using prepare() though without binding.

So you think that had I used binding my escape issue would not be an issue?

*Ben Marchbanks*

www.magazooms.com <http://www.magazooms.com/>
Email: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Phone: (864) 284.9918


Eric Minbiole wrote:
>> Now I remember why I wasn't using single quotes in SQLite statements -
>>
>> because escaped single quoted values like
>>
>> 'Billy\'s bike'
>>
>> cause it to fail. Again I think it's related to PHP-PDO SQLite 
>> implementation.....
>>     
>
> Have you considered using prepared statements and bound parameters? 
> That way, you never have to worry about character escaping, or SQL 
> injection problems.
>
> ~Eric
> _______________________________________________
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>
>
>   
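The difference discussed in this thread, as an added example that is not part of the original messages or either poster's code: SQLite does not treat a backslash as an escape character inside a string literal (a single quote is written by doubling it), so `'Billy\'s bike'` is a syntax error, while a bound parameter passes the value outside the SQL text entirely. The table and column names and the sample values are assumptions made up for the illustration.

```php
<?php
// Added illustration: in-memory database, hypothetical table "items".
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT)');

// 1. prepare() without binding, value pasted into the SQL with a
//    backslash-escaped quote. SQLite ends the literal at the second
//    quote, so the remainder (s bike') does not parse.
try {
    $stmt = $db->prepare("INSERT INTO items (title) VALUES ('Billy\\'s bike')");
    $stmt->execute();
    echo "backslash escape: accepted\n";
} catch (PDOException $e) {
    echo "backslash escape: rejected (" . $e->getMessage() . ")\n";
}

// 2. prepare() with a bound parameter. The SQL text contains only the
//    placeholder; the value never passes through the SQL parser, so no
//    escaping is needed and quotes in the data cannot change the statement.
$insert = $db->prepare('INSERT INTO items (title) VALUES (:title)');

$samples = [
    "Billy's bike",                  // constructed sample: embedded quote
    "x'); DROP TABLE items; --",     // constructed sample: stored as plain text
];
foreach ($samples as $title) {
    $insert->bindValue(':title', $title, PDO::PARAM_STR);
    $insert->execute();
}

// 3. Read the rows back: both values are stored byte for byte and the
//    table still exists.
$select = $db->prepare('SELECT title FROM items WHERE title = :title');
foreach ($samples as $title) {
    $select->bindValue(':title', $title, PDO::PARAM_STR);
    $select->execute();
    $stored = $select->fetchColumn();
    $select->closeCursor();
    echo ($stored === $title ? 'round-trip ok: ' : 'MISMATCH: ') . $title . "\n";
}

// For reference, the literal form SQLite itself accepts doubles the quote.
// PDO::quote() produces it, but binding remains the simpler choice.
echo 'quoted literal: ' . $db->quote("Billy's bike") . "\n";
```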