On Tue, Mar 22, 2016 at 8:45 AM, Dominique Devienne <ddevienne at gmail.com> wrote:
> On Tue, Mar 22, 2016 at 12:36 AM, James K. Lowden < > jklowden at schemamania.org> wrote: > >> Roger's APSW is SQLIte specific. It's pretty easy to imagine, isn't >> it, that >> >> char sql[] = "select [col] from [foo]"; >> >> is easier for him to use than >> >> char sql[] = "select \"col\" from \"foo\""; >> >> even if he's not using C? >> > > Then I'd advise https://www.sqlite.org/c3ref/mprintf.html and %q or %Q :) > That's silly of course, that's for literals, not idents. Oh well... But %w to the rescue! The "%w" formatting option is intended for safely inserting table and column names into a constructed SQL statement. It escapes the double-quote character instead of the single-quote character.
