Now you know a bit more about what you are looking for, perhaps you should revisit the links Warren Young gave a few days ago...
>> You’re looking for prepared statements with parameters: >> https://sqlite.org/c3ref/stmt.html >> https://sqlite.org/lang_expr.html#varparam Regards Andy -----Original Message----- From: sqlite-users [mailto:sqlite-users-boun...@mailinglists.sqlite.org] On Behalf Of Clyde Eisenbeis Sent: Thu 26 January 2017 15:41 To: SQLite mailing list Subject: Re: [sqlite] Using SQLite, how can I search for chars that include a ', similar to OLE DB .Parameters? Not finding much. I will try searching for a single word: string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName + " WHERE " + stLikeFieldName + " LIKE ('%' || ?1 || '%') "; When I tried entering: sqlite3_bind_ the compiler starts complaining. On Thu, Jan 26, 2017 at 9:18 AM, Clyde Eisenbeis <cte...@gmail.com> wrote: > I'm searching the internet for sqlite3_bind_* () examples. > > On Thu, Jan 26, 2017 at 9:14 AM, Andy Ling <andy.l...@s-a-m.com> wrote: >> I think the point is, you need to use a prepared statement and bind the >> parameters to it. >> The bind process handles the special characters. >> >> So you will need to create a command string with question mark operators in >> like >> >> stCmdString += " AND fstInfo LIKE ('%' || ?1 || '%') AND fstInfo >> LIKE ('%' || ?2 || '%')" >> >> Then use the sqlite3_bind_* () calls to replace the ?n markers with the " >> liststLikeFieldValue" strings. >> >> HTH >> >> Andy >> >> -----Original Message----- >> From: sqlite-users [mailto:sqlite-users-boun...@mailinglists.sqlite.org] On >> Behalf Of Clyde Eisenbeis >> Sent: Thu 26 January 2017 15:04 >> To: SQLite mailing list >> Subject: Re: [sqlite] Using SQLite, how can I search for chars that include >> a ', similar to OLE DB .Parameters? >> >> I've also tried: >> >> string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName >> + " WHERE " + stLikeFieldName + " LIKE ('%' || " + >> liststLikeFieldValue[0] + " || '%')"; >> >> which does not work. >> >> On Thu, Jan 26, 2017 at 8:14 AM, heribert <herib...@scharnagl.com> wrote: >>> There are some missing spaces i think: >>> >>> string stCmdString = "SELECT " + stFieldNames + " FROM " + stTableName >>> + " WHERE " + stLikeFieldName + " LIKE '%'||" + >>> liststLikeFieldValue[0] + "||'%'"; >>> >>> Am 26.01.17 um 15:04 schrieb Clyde Eisenbeis: >>>> >>>> I tried replacing this: >>>> >>>> >>>> string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName >>>> + " WHERE " + stLikeFieldName + " LIKE '%" + liststLikeFieldValue[0] + >>>> "%'"; >>>> >>>> with this: >>>> >>>> string stCmdString = "SELECT" + stFieldNames + "FROM " + stTableName >>>> + " WHERE " + stLikeFieldName + " LIKE '%'||" + >>>> liststLikeFieldValue[0] + "||'%'"; >>>> >>>> Does not work. >>>> >>>> On Wed, Jan 25, 2017 at 11:53 AM, Richard Hipp <d...@sqlite.org> wrote: >>>>> >>>>> On 1/25/17, Warren Young <war...@etr-usa.com> wrote: >>>>>> >>>>>> stCmdString += " AND ‘%?1%’ LIKE ‘%?2%’”; >>>>>> >>>>>> Then use the sqlite3_bind_*() calls to insert parameters 1 and 2 into >>>>>> the >>>>>> string. >>>>> >>>>> Not quite. You cannot have parameters embedded in the middle of >>>>> strings. The whole string is replaced by a parameter. >>>>> >>>>> stCmdString += " AND fstInfo LIKE ?1 AND fstInfo LIKE ?2" >>>>> >>>>> Then the application has to prepend and append the "%" on the strings >>>>> before binding. Or, if your application does not want to do that: >>>>> >>>>> stCmdString += " AND fstInfo LIKE ('%' || ?1 || '%') AND fstInfo >>>>> LIKE ('%' || ?2 || '%')" >>>>> >>>>> Then you can bind the search patterns directly to ?1 and ?2. (Aside: >>>>> || is the string concatenation operator in SQL.) >>>>> >>>>> -- >>>>> D. Richard Hipp >>>>> d...@sqlite.org >>>>> _______________________________________________ >>>>> sqlite-users mailing list >>>>> sqlite-users@mailinglists.sqlite.org >>>>> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users >>>> >>>> _______________________________________________ >>>> sqlite-users mailing list >>>> sqlite-users@mailinglists.sqlite.org >>>> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users >>> >>> >>> _______________________________________________ >>> sqlite-users mailing list >>> sqlite-users@mailinglists.sqlite.org >>> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users >> _______________________________________________ >> sqlite-users mailing list >> sqlite-users@mailinglists.sqlite.org >> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users >> --------------------------------------------------------------------------------------- >> This email has been scanned for email related threats and delivered safely >> by Mimecast. >> For more information please visit http://www.mimecast.com >> --------------------------------------------------------------------------------------- >> >> _______________________________________________ >> sqlite-users mailing list >> sqlite-users@mailinglists.sqlite.org >> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users --------------------------------------------------------------------------------------- This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com --------------------------------------------------------------------------------------- _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users