
* Vasanta:

> Thanks a lot for your help. I am using sqlite3.

Here's a complete example.  It turns out that LuaSQL doesn't support
parametrized queries (or prepared statements), so you have to do your
escaping manually.

It's key to encode all externally supplied data with conn:escape(str)
and wrap its result in ''.

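local luasql = require "luasql.sqlite3"

local env = luasql.sqlite3()
local conn = env:connect(":memory:")
assert(conn:execute("CREATE TABLE foo(a, b)"))

-- Sample data containing both a single and a double quote.
local data = [['"]]

-- Escape the data and wrap the result in '' before splicing it in.
assert(conn:execute("INSERT INTO foo VALUES ('"
                    .. conn:escape(data)
                    .. "', 'data')"))

-- Read the row back; fetch() returns nil once the cursor is exhausted.
local c = assert(conn:execute("SELECT a, b FROM foo"))
while true do
   local a, b = c:fetch()
   if a then
      print(a, b)
   else
      break
   end
end

conn:close()
env:close()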
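
An added example, not part of the original post: one way to keep the escape-and-quote rule above in a single place, so that no call site concatenates raw data into SQL. The helper names sql_literal and sql_format are hypothetical, the sample input is constructed, and the template is assumed to be a programmer-written constant that uses '?' only as a placeholder.

```lua
local luasql = require "luasql.sqlite3"

-- Hypothetical helper: turn one Lua value into a SQL literal.
-- Strings are escaped with conn:escape() and wrapped in ''.
local function sql_literal(conn, v)
   local t = type(v)
   if v == nil then
      return "NULL"
   elseif t == "number" then
      -- NaN and +/-inf have no SQL literal form, so refuse them.
      assert(v == v and v ~= math.huge and v ~= -math.huge, "non-finite number")
      return tostring(v)
   elseif t == "boolean" then
      return v and "1" or "0"
   elseif t == "string" then
      return "'" .. conn:escape(v) .. "'"
   end
   error("unsupported SQL value type: " .. t)
end

-- Hypothetical helper: replace each '?' in the template with the literal
-- for the matching argument. A function is used as the gsub replacement
-- so that '%' in the data is never treated as a capture reference.
local function sql_format(conn, template, ...)
   local n, i, args = select("#", ...), 0, { ... }
   local sql = template:gsub("%?", function()
      i = i + 1
      assert(i <= n, "too few values for placeholders")
      return sql_literal(conn, args[i])
   end)
   assert(i == n, "too many values for placeholders")
   return sql
end

local env = luasql.sqlite3()
local conn = env:connect(":memory:")
assert(conn:execute("CREATE TABLE foo(a, b)"))

-- Constructed sample input containing quote characters and SQL syntax.
local input = [[O'Brien "x"'); --]]
assert(conn:execute(sql_format(conn, "INSERT INTO foo VALUES (?, ?)", input, nil)))

local c = assert(conn:execute(sql_format(conn, "SELECT a, b FROM foo WHERE a = ?", input)))
local a, b = c:fetch()
assert(a == input and b == nil) -- stored unchanged; the nil argument became NULL
c:close(); conn:close(); env:close()
```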