> This is my first foray into PDO-SQLite and I saw samples using binding,
> I am using prepare() though without binding.
> 
> So you think that had I used binding my escape issue would not be an issue?

Correct.  Though I've not used PDO-SQLite (I use the C interface), I 
would think that using bound parameters would eliminate your string 
escaping issues.  I use bound parameters almost exclusively:  You never 
have to worry about escaping or sanitizing your strings-- just let the 
Db engine do the work for you.

A related classic: http://xkcd.com/327/

~Eric
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
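
The difference discussed above, as an added example that is not part of the original thread: the same PDO-SQLite `prepare()` call with the value pasted into the SQL text and with a bound parameter. The `students` table, the `:name` placeholder, the helper function names and the sample names are constructed for illustration, and the database is in-memory.

```php
<?php
// Added example (not from the thread): constructed table and sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');

// prepare() without binding: the value becomes part of the SQL text, so the
// apostrophe closes the string literal early and the statement fails to parse.
function insertInterpolated(PDO $db, string $name): bool
{
    try {
        $db->prepare("INSERT INTO students (name) VALUES ('$name')")->execute();
        return true;
    } catch (PDOException $e) {
        echo "interpolated insert rejected: ", $e->getMessage(), "\n";
        return false;
    }
}

// prepare() with a bound parameter: the SQL text is fixed and the value is
// handed to the engine separately, so no escaping is needed or applied.
function insertBound(PDO $db, string $name): void
{
    $stmt = $db->prepare('INSERT INTO students (name) VALUES (:name)');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->execute();
}

// Constructed inputs: an everyday apostrophe, and the name from the xkcd strip.
$names = ["O'Brien", "Robert'); DROP TABLE students;--"];

// The ordinary apostrophe alone is enough to break the interpolated form.
var_dump(insertInterpolated($db, $names[0]));   // bool(false)

// Both values go through the bound form unchanged.
foreach ($names as $name) {
    insertBound($db, $name);
}

// Each name comes back byte-for-byte as stored text; the table is intact.
$stored = $db->query('SELECT name FROM students ORDER BY id')
             ->fetchAll(PDO::FETCH_COLUMN);
var_dump($stored === $names);                   // bool(true)
```
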
