Hi, Have you ever used the BIND statement? http://www.sqlite.org/c3ref/bind_blob.html http://www.sqlite.org/c3ref/bind_blob.html -Steve NotReally GonnaTell wrote: > > Hello all, I am wondering how I should prevent SQL injection attacks while > using SQLite, MySQL has the trusted mysqli_real_escape_string, > but SQLite doesn't have it's own custom function, i've tried str_replace > in > my code, but SQLite returns an error whenever I use a '. I've tried > googling > around, but I haven't found anything useful. > > -- View this message in context: http://old.nabble.com/How-to-Protect-Against-SQL-Injection-Attacks-While-Using-SQLite--tp15400303p28612966.html Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
