Reputation: 734
I am using a SQL query to get the data, and my query is:
select * from green where outlineDate between '2013-01-01' and '2013-12-31' and outlineTitle = 'That's Alright'
The outlineTitle has a single quote, and that query is not getting data from the db even though the db has the data. If I put another outlineTitle without any special characters, it works.
Please help me out, guys. Thanks in advance.
Upvotes: 1
Views: 745
Reputation: 318794
You are creating your query improperly. Never use a string format to build a query string. Most likely you are doing something like:
NSString *title = ... // some title that might have "special characters"
NSString *query = [NSString stringWithFormat:@"select * ... and outlineTitle='%@'", title];
This is a very bad way to create the query. The proper way is to use prepared statements.
NSString *title = ... // some title that might have "special characters"
sqlite3_stmt *stmt = NULL;
if (sqlite3_prepare_v2(dbHandle, "SELECT * FROM green WHERE outlineTitle = ?", -1, &stmt, NULL) == SQLITE_OK) {
    sqlite3_bind_text(stmt, 1, [title UTF8String], -1, SQLITE_TRANSIENT); // bind the value; it never becomes part of the SQL text
    while (sqlite3_step(stmt) == SQLITE_ROW) { /* read columns with sqlite3_column_xxx(stmt, n) */ }
}
sqlite3_finalize(stmt); // always release the statement, even if prepare failed
By using ? in your query and then using the proper sqlite3_bind_xxx method, all values are properly escaped and quoted. This fixes the problem with single quotes and other characters. This also fixes potential SQL injection attacks.
Upvotes: 1
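The two approaches from the answer side by side, as an added example that is not part of the original question or answer. It uses Python's standard sqlite3 module because it drives the same SQLite engine and the same `?` placeholders as sqlite3_prepare_v2/sqlite3_bind_text, so the behaviour carries over directly to the Objective-C code above. The table, its rows and the injection payload are constructed for the demo; the goal is to show both why the single quote breaks the formatted query and why the same string-splicing is an injection hole.

```python
"""Added example: string-formatted SQL versus bound parameters in SQLite.
Not code from the original post; table contents are constructed for the demo."""
import sqlite3

# Constructed sample data; the table layout mirrors the query in the question.
ROWS = [
    ("2013-03-10", "That's Alright"),
    ("2013-06-01", "Plain Title"),
    ("2012-11-30", "That's Alright"),   # outside the 2013 date range
]


def make_db():
    """Build an in-memory database with the sample rows (inserted with bound params)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE green (outlineDate TEXT, outlineTitle TEXT)")
    conn.executemany("INSERT INTO green VALUES (?, ?)", ROWS)
    return conn


def query_by_format(conn, title, start="2013-01-01", end="2013-12-31"):
    """The broken approach: splice the title into the SQL text.
    A single quote inside `title` terminates the string literal early, so
    "That's Alright" becomes 'That' followed by stray tokens (a syntax error)."""
    sql = ("SELECT outlineDate, outlineTitle FROM green "
           "WHERE outlineDate BETWEEN '%s' AND '%s' AND outlineTitle = '%s'"
           % (start, end, title))
    return conn.execute(sql).fetchall()


def query_by_binding(conn, title, start="2013-01-01", end="2013-12-31"):
    """The fix: `?` placeholders. The SQL text is fixed and the values travel
    separately, so quotes in `title` are plain data and cannot alter the query."""
    sql = ("SELECT outlineDate, outlineTitle FROM green "
           "WHERE outlineDate BETWEEN ? AND ? AND outlineTitle = ?")
    return conn.execute(sql, (start, end, title)).fetchall()


def format_error(conn, title):
    """Return the SQLite error message the formatted query produces, or None."""
    try:
        query_by_format(conn, title)
    except sqlite3.OperationalError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    db = make_db()
    # The question's failure: the apostrophe breaks the formatted query entirely.
    print("formatted query error:", format_error(db, "That's Alright"))
    # The bound query returns the one in-range row with that exact title.
    print("bound query result:", query_by_binding(db, "That's Alright"))
    # The same splicing is an injection hole: the payload disables both filters
    # because OR binds more loosely than AND, so every row comes back.
    payload = "x' OR '1'='1"
    print("formatted with payload:", query_by_format(db, payload))
    # With binding the payload is just a title nobody has, so nothing matches.
    print("bound with payload:", query_by_binding(db, payload))
```

The date range is bound as well, not only the title: once a query uses placeholders, every user-influenced value should go through them, and the SQL text should contain no string formatting at all.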