On 8 Oct 2011, at 10:37pm, Tim Streater wrote:

> I have this string:
> 
>   attach database ':memory:' as mem; create table mem.messages ( absid 
> integer, ..., replyto text );
> 
> (where the ellipsis represents a number of other column declarations). In 
> PHP, I do this:
> 
>   $dbh->query ($str);
> 
> where $str contains the string from above.

I'm not clear whether you're using the PDO or the sqlite3 extension to PHP.

But first I notice you're using ::query() and you should be using ::exec().

And second, the documentation says that both functions execute only one 
statement.  My guess is that they ignore everything after the ';' used as a 
statement separator.  But you should try it with ::exec() and find out for 
yourself.

Refusing to process multiple SQL statements is probably going to be the best 
thing to do in today's security-sensitive times.  It acts against attempts to 
break your database using techniques like this:

<http://xkcd.com/327/>

Simon.
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

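To make the two points in Simon's reply concrete, here is an added example using PHP's sqlite3 extension (the thread does not say which extension was in use; this is not code from the original thread or from the SQLite project). It relies on two assumptions about the extension's behaviour: SQLite3::exec() hands the whole string to sqlite3_exec() and so runs every ';'-separated statement, while SQLite3::query() prepares only the first statement and silently ignores the tail. The column list after "absid integer" is a stand-in for the ellipsis in the original, and the untrusted value is constructed for the demonstration.

```php
<?php
// Added example, not part of the original thread. Assumes PHP's sqlite3 extension.

// The multi-statement string from the thread; "subject text" stands in for the
// elided column declarations.
$sql = "attach database ':memory:' as mem; "
     . "create table mem.messages (absid integer, subject text, replyto text);";

function memTableExists(SQLite3 $db): bool {
    // Assumption: the attached schema 'mem' exists, so mem.sqlite_master is valid.
    $n = $db->querySingle(
        "select count(*) from mem.sqlite_master where type = 'table' and name = 'messages'"
    );
    return (int)$n === 1;
}

// 1. exec(): assumed to call sqlite3_exec(), so ATTACH and CREATE TABLE both run.
$execDb = new SQLite3(':memory:');
$execDb->exec($sql);
printf("exec():  mem.messages created = %s\n", memTableExists($execDb) ? 'yes' : 'no');   // yes

// 2. query(): assumed to prepare a single statement; only the ATTACH executes
//    and everything after the first ';' is dropped without a warning.
$queryDb = new SQLite3(':memory:');
$queryDb->query($sql);
printf("query(): mem.messages created = %s\n", memTableExists($queryDb) ? 'yes' : 'no');  // no

// 3. Why "one statement at a time" matters, and why it is not the real fix.
$execDb->exec("insert into mem.messages values (1, 'hello', NULL)");
$untrusted = "1; drop table mem.messages";   // constructed attacker input

// Unsafe: string concatenation plus exec() lets the stacked DROP TABLE run.
$execDb->exec("select * from mem.messages where absid = " . $untrusted);
printf("after concatenation + exec(): table survives = %s\n",
       memTableExists($execDb) ? 'yes' : 'no');                                             // no

// Safe: a prepared statement with a bound parameter. The payload is a single
// literal value; the ';' and everything after it are just characters in a string.
$safeDb = new SQLite3(':memory:');
$safeDb->exec($sql);
$safeDb->exec("insert into mem.messages values (1, 'hello', NULL)");
$stmt = $safeDb->prepare('select absid, subject from mem.messages where absid = :id');
$stmt->bindValue(':id', $untrusted, SQLITE3_TEXT);
$result = $stmt->execute();
$rows = 0;
while ($result->fetchArray(SQLITE3_ASSOC)) {
    $rows++;
}
printf("prepared statement: rows = %d, table survives = %s\n",
       $rows, memTableExists($safeDb) ? 'yes' : 'no');                                      // 0, yes
```

The single-statement restriction Simon mentions only blocks stacked queries; the bound-parameter form above is what actually removes the injection, because the attacker's text never reaches the SQL parser as SQL.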