I cannot use parameterized queries because the queries are more complex than the simple one that I wrote, I've sqlite3_get_table Citando Igor Tandetnik <itandet...@mvps.org>:
> <galea...@korg.it> wrote in message > news:20090416124428.h5zi6xji5h5wk...@webmail.korg.it >> I'm currently working with a framework which uses wstring, how can I >> dynamically create queries like this: >> std::wstring sQuery = L"SELECT * FROM Table WHERE Tilte = '"; >> sQuery += title; //it's a wstring >> sQuery += "'" >> >> I tried to use (const char*)sQuery.c_str() but it doesn't work. > > Tried to use where? Doesn't work how? > > By the way, your approach is going to break if title happens to have > apostrophes in it. Rather than building the statement like this, use > parameterized queries. See http://sqlite.org/c3ref/prepare.html > > Igor Tandetnik > > > > _______________________________________________ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
