Thanks. The issues regarding injection attacks are not relevant in my present context. What I wanted to know was this -
a. I want to selectively discard N rows from a SQLite dB table. N could be 1 but again it could be, rarely, 10,000 b. Is it better to recursively call Prepare, Step & Finalize from my Delphi App or simply build the full sequence of SQL statements as a string and then pass that to sqlite3_exec? I can appreciate that SQLite has to parse the multiple statements. But it is not like I get a free lunch by issuing the statements one by one out of Delphi. If anything, there is an overhead in terms of the multiple SQLite API calls. -- View this message in context: http://www.nabble.com/sqlite3_exec---statement-length-limit--tp20685872p20687396.html Sent from the SQLite mailing list archive at Nabble.com. _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users