SQLite issues, escaping certain characters...

Posted by CODe on Stack Overflow See other posts from Stack Overflow or by CODe
Published on 2011-01-04T23:59:51Z Indexed on 2011/01/05 0:54 UTC
Read the original article Hit count: 127

Filed under:
|
|
|
|

I'm working on my first database application. It is a WinForms application written in C# using a SQLite database.

I've come across some problems, when a apostrophe is used, my SQLite query fails. Here is the structure of my queries.

string SQL = "UPDATE SUBCONTRACTOR SET JobSite = NULL WHERE JobSite = '" + jobSite + "'";

For instance, if an apostrophe is used in the jobSite var, it offsets the other apostrophes in the command, and fails.

So my questions are:

1. How do I escape characters like the apostrophe and semicolon in the above query example?

2. What characters do I need to escape? I know I should escape the apostrophe, what else is dangerous?

Thanks for your help!

© Stack Overflow or respective owner

Related posts about c#

Related posts about .NET