Sending SQL to SQLite

Previous page
Table of content
Next page

 sqlite_exec()


The PHP function sqlite_exec() sends an SQL statement to the database. As the first parameter, the database handlereturned by sqlite_open()is used; the second parameter is the SQL string. To avoid SQL injection, the PHP function sqlite_escape_string() escapes dangerous characters in dynamic data. The preceding code implements this for the sample table quotes that has also been used in the MySQL phrases.

Sending SQL to SQLite (sqlite_exec.php; excerpt)
 <?php   if ($db = @sqlite_open('quotes.db', 0666, $error))     {     require_once 'stripFormSlashes.inc.php';     sqlite_exec($db, sprintf(       'INSERT INTO quotes (quote, author, year)          VALUES (\'%s\', \'%s\', \'%s\')',       sqlite_escape_string($_POST['quote']),       sqlite_escape_string($_POST['author']),       intval($_POST['year'])));     echo 'Quote saved.';     sqlite_close($db);   } else {     echo 'Connection failed: ' . htmlspecialchars       ($error);   } ?>

TIP

If a table contains an identity column (data type INTEGER PRIMARY KEY when using SQLite), calling sqlite_last_insert_rowid() after sending an SQL statement returns the value this column has for the new entry in the database.




Previous page
Table of content
Next page
PHP Phrasebook
PHP Phrasebook
ISBN: 0672328178
EAN: 2147483647
Year: 2005
Pages: 193
Authors: Christian Wenz
BUY ON AMAZON
MySQL Stored Procedure Programming
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Twisted Network Programming Essentials
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
Sap Bw: a Step By Step Guide for Bw 2.0
Special Edition Using FileMaker 8
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy