Sign in to follow this  
Followers 0
hoangthi

SQL injection

3 posts in this topic

I used sqlite.au3, but ...SQL injection

Please help me fix it.

Share this post


Link to post
Share on other sites



Can you restate the question? I'm not entirely sure what you're asking.

Are you trying to prevent SQL injection?

Share this post


Link to post
Share on other sites

Can you restate the question? I'm not entirely sure what you're asking.

Are you trying to prevent SQL injection?

#include <SQLite.au3>
#include <SQLite.dll.au3>

Local $hQuery, $aRow, $sMsg,$me
_SQLite_Startup ()
_SQLite_Open (); open :memory: Database
_SQLite_Exec (-1, "CREATE TABLE aTest (a,b,c);"); CREATE a Table

$me="I'm HoangThi"
_SQLite_Exec (-1, "INSERT INTO aTest(a,b,c) VALUES ('c',2,'"&$me&"');"); INSERT Data

$me='"kill online"'
_SQLite_Exec (-1, 'INSERT INTO aTest(a,b,c) VALUES ("c",2,"'&$me&'");'); INSERT Data

_SQlite_Query (-1, "SELECT c FROM aTest ORDER BY a;", $hQuery); the query
While _SQLite_FetchData ($hQuery, $aRow) = $SQLITE_OK
    $sMsg &= $aRow[0]
WEnd
_SQLite_Exec (-1, "DROP TABLE aTest;"); Remove the table
MsgBox(0,"SQLite","Get Data using a Query : " &  $sMsg )
_SQLite_Close()
_SQLite_Shutdown()

I want to be using both 'and " but I can only use 1 ' or "

how to fix this ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0