Hello!

On Friday 27 February 2009 17:32:36 Arjen Markus wrote:
> This is the Tcl binding, right?
> You could replace the variable by its value using [string map]:
>
> db eval [string map [list USER_ID $user_id ...] $sql_statement]
>
> or more directly:
>
> db eval \
>      "CREATE TABLE view_report_01 AS ...
>      WHERE u.id = $user_id
>      ..."
>

With SQL injection security problems as a result. It's not a good decision.


Best regards.
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
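
The difference the reply points at, shown as an added example that is not part of the original message or the quoted one: in the Tcl binding, a double-quoted statement has `$user_id` substituted by Tcl before SQLite parses it, while a brace-quoted statement leaves `$user_id` for SQLite to bind as a parameter. The `users` table, its rows and the input string are constructed for illustration, and a plain SELECT stands in for the elided CREATE TABLE statement from the thread.

```tcl
package require sqlite3

# Constructed in-memory sample data; table and column names are assumptions.
sqlite3 db :memory:
db eval {
    CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);
    INSERT INTO users VALUES (1, 'alice');
    INSERT INTO users VALUES (2, 'bob');
    INSERT INTO users VALUES (3, 'carol');
}

# Constructed untrusted input: a caller-supplied "id" that carries extra SQL.
set user_id "1 OR 1=1"

# Double quotes: Tcl pastes the value into the SQL text, so the input is
# parsed as part of the statement and widens the WHERE clause.
set interpolated [db eval \
    "SELECT name FROM users u WHERE u.id = $user_id ORDER BY u.id"]

# Braces: Tcl performs no substitution. SQLite sees the token $user_id as a
# parameter and binds the Tcl variable's value, so it is only compared as data.
set bound [db eval \
    {SELECT name FROM users u WHERE u.id = $user_id ORDER BY u.id}]

puts "interpolated rows: [llength $interpolated] ($interpolated)"
puts "bound rows:        [llength $bound] ($bound)"

db close
```

The interpolated query returns every row, while the bound query returns none because the whole input string is compared against `u.id` as a single value.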
