On Sep 14, 2017, at 10:27 AM, Jens Alfke <j...@mooseyard.com> wrote: > > s << "INSERT INTO " << table_name << " (" << data;
You probably just wrote a SQL injection vulnerability. Use prepared statements, [named] parameters, and the “bind” functions to build the query string instead. https://sqlite.org/c3ref/stmt.html _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users