NeDark
Reputation: 1294
Escaping string for SQL in C++
I am searching a simple "addslashes" function for a program that must save in a sqlite database some information.
Thanks.
Upvotes: 1
Views: 4429
Answers (3)
Artyom
Reputation: 31233
- I'd suggest to use prepared statement and data binding to query so you would not need escaping or use a library like CppDB or SOCI to do it easily
Sqlite3 uses SQL standard quites, so for escaping text you need to "double the quotes" for blob you need hexadecimal representation, i.e.
C string: char const *s="I'm" -> SQL: 'I''m' C blob : char s[2]={0xFF,0} -> SQL: x'FF00'
Upvotes: 2
Jeff Hubbard
Reputation: 9892
Instead of trying to re-implement addslashes, you should instead look into using prepared statements. They're simpler, faster, and easier.
Upvotes: 4
Related Questions
- How to use a string in a Sql argument?
- Escaping strings with the C++ Mysql Driver
- SQLite escape string c++
- How to prepare a C++ string for sql query
- Cant seem to escape a query i am sending to my sqlite3 db, not sure why
- SQLite3 error when escaping string
- How to escape in sqlite?
- C++ Mysql Real Escape String Issue
- How do I use ESCAPE in SQLite?
- SQL escape with sqlite in C#