How to escape data that is inserted into the SQLite database?

I am making an apple application using the space of the phone (which uses the sqlite database).

All my inserts work fine, except when I try to insert a web link. These are errors because there are “characters in the web link”.

Using the following:

var content = 'hello, this is my <a href="www.google.com">link</a>';
tx.executeSql('UPDATE PAGES SET content="'+content+'" WHERE id="1"');

Returns the following error

 error code 1 error: "near "http": syntax error" 

If I delete the website address, I will not get an error. I tried: content = escape (content);

but it didn’t work.

+7
4 answers

Use parameter binding. This is the right and safest way to do what you are trying to do.

 tx.executeSql('UPDATE PAGES SET content=? WHERE id=1', [content]); 
+10

To escape quotes in SQLite, you will have to repeat quotes.

So, to insert a 7" screen , you have to put a 7"" screen in the INSERT statement.

+4
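
A small model of SQLite's quoting rule, showing why the concatenated statement in the question breaks, why doubling quotes repairs it, and why the bound form in the first answer never has the problem. This is an added example, not code from the posts; `readLiteral`, `concatenated`, `doubled`, `bound` and `contentLiteral` are hypothetical helper names, and nothing here executes SQL.

```javascript
// Added example: models SQLite's quoting rule; it does not execute any SQL.
// Sample value taken from the question above.
const sample = 'hello, this is my <a href="www.google.com">link</a>';

// Read one quoted SQL literal starting at sql[start]. Inside a literal, a
// doubled quote character stands for one quote; a single one ends it.
function readLiteral(sql, start) {
  const q = sql[start];
  let value = '';
  for (let i = start + 1; i < sql.length; i++) {
    if (sql[i] !== q) { value += sql[i]; continue; }
    if (sql[i + 1] === q) { value += q; i++; continue; }
    return { value, rest: sql.slice(i + 1) };
  }
  return null; // unterminated literal
}

// The question's approach: paste the value between double quotes.
function concatenated(content) {
  return 'UPDATE PAGES SET content="' + content + '" WHERE id="1"';
}

// The second answer's approach: double every quote before pasting.
function doubled(content) {
  return concatenated(content.replace(/"/g, '""'));
}

// The first answer's approach: the SQL text is fixed and the value travels
// separately, so no character in it can end a literal.
function bound(content) {
  return { sql: 'UPDATE PAGES SET content=? WHERE id=1', args: [content] };
}

// What the parser takes as the content literal, and what is left over.
function contentLiteral(sql) {
  const marker = 'content=';
  return readLiteral(sql, sql.indexOf(marker) + marker.length);
}

const broken = contentLiteral(concatenated(sample));
console.log(JSON.stringify(broken.value)); // literal ends at the first inner quote
console.log(JSON.stringify(broken.rest.slice(0, 14))); // leftover the parser rejects
console.log(contentLiteral(doubled(sample)).value === sample);
console.log(bound(sample).sql);
```

The leftover text after the truncated literal is what the syntax error in the question points at; with binding, the statement text is identical for every value.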

The problem is the quotation marks. They change the value of the SQL query and cause an error.

I cannot find any information on how to properly escape them. I read that you can put \ in front of them and then add ESCAPE ("\") to the SQL statement, but this does not seem to work with the PhoneGap implementation.

In the end, I made a simple replacement where single or double quotes are replaced with &quot; , eg:

 var thisNotes = $('textarea#notes').val().replace(/(["'])/g,'&quot;'); 

I just need to display quotes in the text box, but I don’t need them as part of the HTML link, so I'm not sure if the link will work. You may need to cancel the replacement before displaying the link.

Hope this helps.

+1

use javascript replace, perhaps create a function like this:

 // Replaces each double quote with two single quotes and <script> with [script].
 function CleanDbData(dirty) {
   var clean = dirty.replace(/"/g, "''").replace(/<script>/g, "[script]");
   return clean;
 }
 var mydata = CleanDbData(dirtydata);

this is not AS, you have to mess with regex, etc., but you get the idea [hope]

0
