On Sat, Mar 24, 2012 at 7:42 PM, Michael Parker <michael.g.par...@gmail.com> wrote: > In Android, SQLiteStatement allows me to use prepared statements in > SQLite (i.e. the good type with escaped values that prevents injection > attacks). But it seems that you can only use them for create/update/ > delete operations, and not for read operations (i.e. queries). > > This isn't a limitation of SQLite, because in iOS (ahem) I can create > prepared statements of type sqlite3_stmt* and use them for queries. > How can I do this in Android?
AFAIK, you can't. > I don't want to query without using a prepared statement... http://c2.com/cgi/wiki?PrematureOptimization -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy _The Busy Coder's Guide to *Advanced* Android Development_ Version 2.5 Available! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
