From: seandakid on


Have you ever used the BIND statement?


NotReally GonnaTell wrote:
> Hello all, I am wondering how I should prevent SQL injection attacks while
> using SQLite, MySQL has the trusted mysqli_real_escape_string,
> but SQLite doesn't have it's own custom function, i've tried str_replace
> in
> my code, but SQLite returns an error whenever I use a '. I've tried
> googling
> around, but I haven't found anything useful.

View this message in context:
Sent from the PHP - General mailing list archive at