On Thu, Jul 16, 2009 at 4:20 AM, Michael Schlenker <m...@contact.de> wrote:

>
>
> This is perfectly safe:
> set result [db1 eval {select * from X where label = $myStringValue and id > $compId}]
>
> But you MUST use {} to quote your query and not "", so sqlite gets to do the
> substitution (or better said convert things to prepared statements and bind
> values correctly) and not Tcl.


No reason to avoid Tcl. You can also avoid the possibility of Tcl
substitution by using :myStringValue instead of $myStringValue.

Gerry
_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
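
Added example, not part of the original messages: the three quoting forms discussed in this thread, run side by side so the difference between sqlite binding a value and Tcl pasting it into the SQL text is visible. The columns of table X, the proc name lookup and all input values are constructed for illustration; it assumes the Tcl sqlite3 package is installed.

```tcl
package require sqlite3

# Constructed in-memory table; the columns of X are assumed from the quoted query.
sqlite3 db1 :memory:
db1 eval {
    create table X(id integer, label text);
    insert into X values (1, 'alpha');
    insert into X values (2, 'beta');
    insert into X values (3, 'O''Brien');
}

# Hypothetical helper: run the same lookup three ways, return what each matched.
proc lookup {myStringValue compId} {
    # Braces: Tcl leaves the text alone, sqlite binds $myStringValue and $compId.
    set braced [db1 eval {select id from X where label = $myStringValue and id > $compId}]

    # :name inside double quotes: Tcl has nothing to substitute, sqlite still binds.
    set colon [db1 eval "select id from X where label = :myStringValue and id > :compId"]

    # $name inside double quotes: Tcl pastes the value into the SQL text before
    # sqlite parses it, so quote characters in the value become SQL syntax.
    if {[catch {
        db1 eval "select id from X where label = '$myStringValue' and id > $compId"
    } pasted]} {
        set pasted "error: $pasted"
    }
    return [list $braced $colon $pasted]
}

# Constructed inputs: a plain label, a label with an apostrophe, and a label
# whose quote characters change the WHERE clause once pasted into the SQL text.
foreach value [list "alpha" "O'Brien" "nobody' or 'x'='x"] {
    lassign [lookup $value 0] braced colon pasted
    puts "value: $value"
    puts "  braced {\$name}: [list $braced]"
    puts "  quoted \":name\": [list $colon]"
    puts "  quoted \"\$name\": [list $pasted]"
}
db1 close
```

The two bound forms treat every input as a plain value to compare against label; only the double-quoted $name form lets the input alter the statement or break its syntax.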
