Thanks. Sounds like I have to use BLOBs which is not what I'm doing
currently. 

1) I wonder about backward compatibility when I start using this BLOB
method. There are previous databases out there that don't use BLOBs. Can I
mix and match ? Or does this require the previous database to be deleted on
an upgrade ?

2) When you say " Use statement paramters and bind the data directly" Are
you referring to the examples in http://sqlite.org/c3ref/bind_blob.html as
pointed to by Eric Smith?

Thanks,
Kavita


On 7/9/10 11:30 AM, "Jay A. Kreibich" <j...@kreibi.ch> wrote:

> On Fri, Jul 09, 2010 at 11:24:19AM -0500, Kavita Raghunathan scratched on the
> wall:
>> Hello,
>> I?m storing encrypted passwords in the sqlite database. The encryption
>> algorithm generates ?null? character, and therefore the password
>> strings can have nulls in them.
>> 
>>  1.  Is this an issue for storing in database ? If strcpy is used
>>      anywhere, it would be a problem
> 
>   They can't be stored as text values without some type of encoding
>   (like base64), but they can be stored as BLOBs.
> 
>>  2.  I?m using sprintf to generate the SQL statement as shown below.
>>      This causes a problem because sprintf stops printing when it
>>      encounters ?null?.
> 
>   Don't do that.  Use statement parameters and bind the data directly.
>    
>    -j

_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to