Thanks. Sounds like I have to use BLOBs which is not what I'm doing

1) I wonder about backward compatibility when I start using this BLOB
method. There are previous databases out there that don't use BLOBs. Can I
mix and match ? Or does this require the previous database to be deleted on
an upgrade ?

2) When you say " Use statement paramters and bind the data directly" Are
you referring to the examples in as
pointed to by Eric Smith?


On 7/9/10 11:30 AM, "Jay A. Kreibich" <> wrote:

> On Fri, Jul 09, 2010 at 11:24:19AM -0500, Kavita Raghunathan scratched on the
> wall:
>> Hello,
>> I?m storing encrypted passwords in the sqlite database. The encryption
>> algorithm generates ?null? character, and therefore the password
>> strings can have nulls in them.
>>  1.  Is this an issue for storing in database ? If strcpy is used
>>      anywhere, it would be a problem
>   They can't be stored as text values without some type of encoding
>   (like base64), but they can be stored as BLOBs.
>>  2.  I?m using sprintf to generate the SQL statement as shown below.
>>      This causes a problem because sprintf stops printing when it
>>      encounters ?null?.
>   Don't do that.  Use statement parameters and bind the data directly.
>    -j

sqlite-users mailing list

Reply via email to