On 11/17/17, Peter Da Silva <peter.dasi...@flightaware.com> wrote:
>
> $db eval {
> SELECT Tea
> FROM teaInStock
> ORDER BY LastUsed DESC
> LIMIT $nrToFetch;
> } {
> ... do something with $Tea ...
> }
>
> This latter case works because the query is surrounded by {} so Tcl won’t
> substitute the variable, it will be seen and securely inserted into the
> query by SQLite.
FWIW, this is the reason that SQLite, uniquely among all modern SQL
database engines, understands $nrToFetch as a bound parameter.
--
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
