-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/10/11 15:32, Simon Slavin wrote: > And second, the documentation says that both functions execute only one > statement. My guess is that they ignore everything after the ';' used > as a statement separator.
Just to be clear it won't be that they are parsing the SQL. The SQLite C API for preparing a statement does the parsing of the complete text parsed in, stopping at the end of the first statement. It tells the developer where the next statement starts in that text. Most likely they are discarding that information. It is consequently easy to alter the code to only accept one statement, or to make it keep executing all the statements. The good news is that the existing code can't be fooled into thinking the statement ends somewhere different than where it actually does since it is the SQLite core making that determination and it isn't foolish. Roger -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk6Q1rwACgkQmOOfHg372QSiFwCgiVxPxNvlJcJVgVw4gPESfPog ZbsAnRvZi9P3p6R8qabxA7wDsvm+E3Td =x/kH -----END PGP SIGNATURE----- _______________________________________________ sqlite-users mailing list [email protected] http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
