I have implemented an SQLite database on a BlackBerry mobile device. My problem is that the BlackBerry API is very limited, and does not offer prepared statements. Therefore, I am unable to (easily) escape the SQL to protect against SQL injection. Does anyone have any alternatives? Unfortunately, REGEX is not available to me either...
Do I basically need to do a replaceAll() for all special characters?
Thanks!
I am surprised at your assertion that there are no prepared statements supported for SQLite on BlackBerry, given that a tiny amount of googling and link following leads me to this example which shows exactly how to do a prepared statement with positional parameters.
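The positional-parameter approach the answer refers to, written against the `net.rim.device.api.database` classes. This is an added example, not the code behind the answer's link; the database path, the `People` table and its columns, and the `PeopleStore` class are hypothetical.

```java
import net.rim.device.api.database.Cursor;
import net.rim.device.api.database.Database;
import net.rim.device.api.database.DatabaseFactory;
import net.rim.device.api.database.Row;
import net.rim.device.api.database.Statement;
import net.rim.device.api.io.URI;

public final class PeopleStore {
    // Hypothetical database location and schema, chosen for this example.
    private static final String DB_PATH = "file:///SDCard/Databases/example/people.db";

    // Values are bound to the ? placeholders, so a name such as O'Brien is stored as data.
    public static void insertPerson(String name, int age) throws Exception {
        Database db = DatabaseFactory.open(URI.create(DB_PATH));
        try {
            Statement st = db.createStatement("INSERT INTO People(Name, Age) VALUES (?, ?)");
            try {
                st.prepare();
                st.bind(1, name); // parameter indexes start at 1
                st.bind(2, age);
                st.execute();
            } finally { st.close(); }
        } finally { db.close(); }
    }

    // Returns the stored age for the given name, or -1 when no row matches.
    public static int findAge(String name) throws Exception {
        Database db = DatabaseFactory.open(URI.create(DB_PATH));
        try {
            Statement st = db.createStatement("SELECT Age FROM People WHERE Name = ?");
            try {
                st.prepare();
                st.bind(1, name);
                Cursor c = st.getCursor();
                try {
                    if (c.next()) {
                        Row r = c.getRow();
                        return r.getInteger(0); // column indexes start at 0
                    }
                    return -1;
                } finally { c.close(); }
            } finally { st.close(); }
        } finally { db.close(); }
    }
}
```

Because the SQL text is a constant and user input only reaches `bind()`, no `replaceAll()` escaping of special characters is needed.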