Skip to content Skip to sidebar Skip to footer
Home / Android / Sqlite

Sqlite: Escaping Special Characters

Post a Comment
Is there a common way within Android to escape all of the characters that aren't allowed in a SQLite database? For instance, 'You\'Me''. Instead of me figuring out every single c

Solution 1:

In SQL, strings are delimited with 'single quotes'. To use one inside a string, you have to double it.

There are no other characters that need to be escaped in SQL. (If you're embedding strings in another language, such as Java, you also have to use the escape mechanisms of that language.)

To avoid string formatting problems, you should use parameters instead:

Stringname="me";
db.rawQuery("SELECT ... WHERE name = ?", newString[]{ name });

Post a Comment for "Sqlite: Escaping Special Characters"