Consider a string with an apostrophe that needs to be inserted into a SQLite

Question

0

Asked: May 18, 20262026-05-18T04:05:45+00:00 2026-05-18T04:05:45+00:00

Consider a string with an apostrophe that needs to be inserted into a SQLite

0

Consider a string with an apostrophe that needs to be inserted into a SQLite table.

INSERT INTO myTable ( table_Title TEXT ) VALUES ( 'world's' )

How can you markup or escape the apostrophe in the value in the INSERT statement?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T04:05:46+00:00

http://www.sqlite.org/c3ref/bind_blob.html

You should not be passing input directly into a query as a string like this. Not only is it a nuisance, it’s also vulnerable to SQL injection attacks, which may not be a big problem for a Mac app, but is still a bad idea when you have Prepared Statements at your disposal. Prepared Statements ensure the underlying database reads the actual, unmodified, input values safely.

For your specific example (error checking removed for brevity/clarity):

sqlite3 *db;
sqlite3_open("test.db", &db);

// Create a prepared statement
sqlite3_stmt *stmt;
const char *sql = "INSERT INTO myTable (table_Title TEXT) VALUES (?)";
sqlite3_prepare_v2(db, sql, -1, &stmt, NULL);

// Bind the parameter (safely)
sqlite3_bind_text(stmt, 1, "world's", -1, NULL);

// Execute the prepared statement
sqlite3_step(stmt);

(Untested, but you get the idea).

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Consider a string with an apostrophe that needs to be inserted into a SQLite

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply