Thanks. Sounds like I have to use BLOBs which is not what I'm doing currently.
1) I wonder about backward compatibility when I start using this BLOB method. There are previous databases out there that don't use BLOBs. Can I mix and match ? Or does this require the previous database to be deleted on an upgrade ? 2) When you say " Use statement paramters and bind the data directly" Are you referring to the examples in http://sqlite.org/c3ref/bind_blob.html as pointed to by Eric Smith? Thanks, Kavita On 7/9/10 11:30 AM, "Jay A. Kreibich" <j...@kreibi.ch> wrote: > On Fri, Jul 09, 2010 at 11:24:19AM -0500, Kavita Raghunathan scratched on the > wall: >> Hello, >> I?m storing encrypted passwords in the sqlite database. The encryption >> algorithm generates ?null? character, and therefore the password >> strings can have nulls in them. >> >> 1. Is this an issue for storing in database ? If strcpy is used >> anywhere, it would be a problem > > They can't be stored as text values without some type of encoding > (like base64), but they can be stored as BLOBs. > >> 2. I?m using sprintf to generate the SQL statement as shown below. >> This causes a problem because sprintf stops printing when it >> encounters ?null?. > > Don't do that. Use statement parameters and bind the data directly. > > -j _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users