I think the point is, you need to use a prepared statement and bind the
parameters to it.
The bind process handles the special characters.
So you will need to create a command string with question mark operators in like
stCmdString += " AND fstInfo LIKE ('%' || ?1 || '%') AND fstInfo
LIKE ('%' || ?2 || '%')"
Then use the sqlite3_bind_* () calls to replace the ?n markers with the "
liststLikeFieldValue" strings.
HTH
Andy
-----Original Message-----
From: sqlite-users [mailto:sqlite-users-boun...@mailinglists.sqlite.org] On
Behalf Of Clyde Eisenbeis
Sent: Thu 26 January 2017 15:04
To: SQLite mailing list
Subject: Re: [sqlite] Using SQLite, how can I search for chars that include a
', similar to OLE DB .Parameters?
I've also tried:
string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName
+ " WHERE " + stLikeFieldName + " LIKE ('%' || " +
liststLikeFieldValue[0] + " || '%')";
which does not work.
On Thu, Jan 26, 2017 at 8:14 AM, heribert <herib...@scharnagl.com> wrote:
> There are some missing spaces i think:
>
> string stCmdString = "SELECT " + stFieldNames + " FROM " + stTableName
> + " WHERE " + stLikeFieldName + " LIKE '%'||" +
> liststLikeFieldValue[0] + "||'%'";
>
> Am 26.01.17 um 15:04 schrieb Clyde Eisenbeis:
>>
>> I tried replacing this:
>>
>>
>> string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName
>> + " WHERE " + stLikeFieldName + " LIKE '%" + liststLikeFieldValue[0] +
>> "%'";
>>
>> with this:
>>
>> string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName
>> + " WHERE " + stLikeFieldName + " LIKE '%'||" +
>> liststLikeFieldValue[0] + "||'%'";
>>
>> Does not work.
>>
>> On Wed, Jan 25, 2017 at 11:53 AM, Richard Hipp <d...@sqlite.org> wrote:
>>>
>>> On 1/25/17, Warren Young <war...@etr-usa.com> wrote:
>>>>
>>>> stCmdString += " AND ‘%?1%’ LIKE ‘%?2%’”;
>>>>
>>>> Then use the sqlite3_bind_*() calls to insert parameters 1 and 2 into
>>>> the
>>>> string.
>>>
>>> Not quite. You cannot have parameters embedded in the middle of
>>> strings. The whole string is replaced by a parameter.
>>>
>>> stCmdString += " AND fstInfo LIKE ?1 AND fstInfo LIKE ?2"
>>>
>>> Then the application has to prepend and append the "%" on the strings
>>> before binding. Or, if your application does not want to do that:
>>>
>>> stCmdString += " AND fstInfo LIKE ('%' || ?1 || '%') AND fstInfo
>>> LIKE ('%' || ?2 || '%')"
>>>
>>> Then you can bind the search patterns directly to ?1 and ?2. (Aside:
>>> || is the string concatenation operator in SQL.)
>>>
>>> --
>>> D. Richard Hipp
>>> d...@sqlite.org
>>> _______________________________________________
>>> sqlite-users mailing list
>>> sqlite-users@mailinglists.sqlite.org
>>> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>>
>> _______________________________________________
>> sqlite-users mailing list
>> sqlite-users@mailinglists.sqlite.org
>> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>
>
> _______________________________________________
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
---------------------------------------------------------------------------------------
This email has been scanned for email related threats and delivered safely by
Mimecast.
For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
