I have one function in my objective c code that updates a SQLite table column with notes entered by the user in a text field. I want to make sure that I’m doing this properly so that there are no security issues or problems in general. Here is my code, is there something I can do to make this more secure, or is it already OK?
sqlite3_stmt *stmt = nil;
sqlite3 *cruddb = NULL;
// The note text and the ID are bound to the ? placeholders, never spliced into the SQL string
const char *sql = "UPDATE Peaks SET notes=? WHERE ID=?";
// Open db and check each SQLite call's return code instead of assuming success
if (sqlite3_open([path UTF8String], &cruddb) != SQLITE_OK) {
    NSLog(@"open failed: %s", sqlite3_errmsg(cruddb));
    sqlite3_close(cruddb);
    return;
}
if (sqlite3_prepare_v2(cruddb, sql, -1, &stmt, NULL) == SQLITE_OK) {
    sqlite3_bind_text(stmt, 1, [self.viewNotes.text UTF8String], -1, SQLITE_TRANSIENT);
    sqlite3_bind_int(stmt, 2, [self.detailItem ID]);
    // SQLITE_DONE means the statement ran; sqlite3_changes(cruddb) tells you whether a row matched the ID
    if (sqlite3_step(stmt) != SQLITE_DONE) {
        NSLog(@"update failed: %s", sqlite3_errmsg(cruddb));
    }
    sqlite3_finalize(stmt);
} else {
    NSLog(@"prepare failed: %s", sqlite3_errmsg(cruddb));
}
sqlite3_close(cruddb);
You are already SQL injection safe because you are passing user input through sqlite3_bind_text and sqlite3_bind_int.
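As an added illustration of the point in this answer (not code from the question or the answerer), here is the same UPDATE done through Python's built-in sqlite3 module, which uses the same `?` placeholders and the same bind-as-data semantics as sqlite3_bind_text. The table, the two peak rows and the note text are constructed for the example; the `Peaks` table name and the `notes`/`ID` columns are taken from the question. It also shows the caveat the question's code misses: a successful step with zero changed rows when the ID does not exist, and what happens to the naive string-spliced version on an ordinary apostrophe.

```python
import sqlite3

# Same statement as in the question: both values are bound, nothing is concatenated
UPDATE_NOTES_SQL = "UPDATE Peaks SET notes=? WHERE ID=?"


def make_db():
    """Constructed in-memory table mirroring the 'Peaks' table from the question."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Peaks (ID INTEGER PRIMARY KEY, name TEXT, notes TEXT)")
    conn.executemany(
        "INSERT INTO Peaks (ID, name, notes) VALUES (?, ?, ?)",
        [(1, "Everest", ""), (2, "K2", "")],
    )
    conn.commit()
    return conn


def update_notes(conn, peak_id, notes):
    """Parameterised update: the notes string is bound as data, never parsed as SQL.

    Returns the number of rows changed (the equivalent of sqlite3_changes()),
    so a non-existent ID is noticed instead of silently doing nothing.
    """
    cur = conn.execute(UPDATE_NOTES_SQL, (notes, peak_id))
    conn.commit()
    return cur.rowcount


def update_notes_unsafe(conn, peak_id, notes):
    """Anti-pattern kept only for comparison: user text spliced into the SQL.

    Returns "ok" or "error: ..." so the caller can see that even a harmless
    apostrophe in the note breaks the statement.
    """
    sql = "UPDATE Peaks SET notes='%s' WHERE ID=%d" % (notes, peak_id)
    try:
        conn.execute(sql)
        conn.commit()
        return "ok"
    except sqlite3.Error as exc:
        conn.rollback()
        return "error: " + str(exc)


def read_notes(conn, peak_id):
    """Read back the stored note (None if the ID does not exist)."""
    row = conn.execute("SELECT notes FROM Peaks WHERE ID=?", (peak_id,)).fetchone()
    return None if row is None else row[0]


if __name__ == "__main__":
    db = make_db()
    note = "Mike's favourite route, 2,300 m"   # constructed user input with an apostrophe
    print("bound update changed rows:", update_notes(db, 1, note))
    print("stored verbatim:", read_notes(db, 1))
    print("unknown ID changed rows:", update_notes(db, 99, note))
    print("string-spliced version:", update_notes_unsafe(db, 2, note))
```

The bound version stores the apostrophe verbatim because SQLite never tokenises the bound value; the spliced version fails on the same input, which is the reliability side of the same property that makes binding injection-safe. Checking the changed-row count is the extra step worth adding to the Objective-C code, since sqlite3_step returns SQLITE_DONE whether or not any row matched the ID.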