SQLite Forum


1 forum post by user ahmed.ramadan02

08:54 Post: The characters to be escaped in Sqlite3 to prevent Sql Injection (artifact: 3be0065bb2 user: ahmed.ramadan02)

I am working on a project that using sqlite and we are trying to escape the special characters which might lead to the Sql injections.

I made a research and I found that the escape schema is different per the database engine (e.g. sqlite is different from MySql). And I found out that in case of sqlite we need to escape only a ' (single quote) by just adding another single quote. but I have tried also to use " instead of ' and seems that the " should be escaped by adding another ".

=> So could anyone confirm my previous information? also please highlight if other characters need to be escaped?