firefox - Insert into SQLite with variables using javascript -
I am developing an extension for Firefox and I have created a SQLite DB, I have an error message Receives: Error: Rejecting permission for call method is being rejected. String value is stored in a variable to insert
var book = "Harry Potter"; Var include myInsertQuery = 'mybooks_tbl (title) values (' + book + ');';
How do we include data in the table as a variable and not in the form of a string?
Cheers
SQLite follows the ANSI standard for:
The string string is created by enclosing the string in single quotes (').
Such:
function sqlstr (s) {return "encoded" by entering a single quotation in a single quote within a string '' '' string in one line .replace (+ 'sqlstr (book) +'); ';);'; ' / Code>
You should remember to avoid all string literals in this way, or you can create client-side SQL-injection holes.
Comments
Post a Comment