On 4/17/19, Jens Alfke <j...@mooseyard.com> wrote: > The new sqlite3_value_frombind() function sounds intriguing ā "True if value > originated from a bound parameter > ā but Iām drawing a blank thinking of use cases for it. Optimizations? > Security? What was the rationale for adding it?
This facilities additional security measures. If a value comes from a bind, then (at least in most systems) that means it did not come from an SQL injection from an attacker, and hence the value is more trustworthy. -- D. Richard Hipp d...@sqlite.org _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
