Thorsten Kersting <[email protected]> wrote: > statement = "insert into parameters values('"//trim(adjustl(name))//"', > "//trim(adjustl(czkern))//", "//trim(adjustl(cnofel))//", > "//trim(adjustl(cmb))//", "//trim(adjustl(ck))//", > "//trim(adjustl(cnmax))//", "//trim(adjustl(cbfeld))//", > "//trim(adjustl(cenergy))//", "//trim(adjustl(cip))//");"//char(0) > call executeStatement(trim(statement))
Any possibility of a SQL injection attack in any of the parameters? Note that sqlite3_exec will happily execute multiple statements. Obligatory: http://xkcd.com/327/ > is it possible that this mistake is coming from the nfs? What is the nature of the "mistake", exactly? What data ends up in what table, against your expectations? -- Igor Tandetnik _______________________________________________ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
