
I have an issue with inserting a value into a table using FMDB. I have an SQL string like this:

NSString *sql = [NSString stringWithFormat:@"INSERT INTO table( COMPANY, PAGE_NO ) VALUES ('%@',%d,%d)",value1,value2,value3];

And I use FMDB like this for SQL string above:

[FMDatabase: 0x433e80> executeUpdate: sql]

It works, but when I use value1 = @"Test'12", which contains the character ', it fails.

Please help me, I want to keep using the method executeUpdate from FMDB.

Thanks

rmaddy
Nhat Huy

1 Answer


Looks like you're not passing the correct number of parameters to your query; you're listing 2 columns and passing 3 parameters. I'll assume that's a typo.

You should really parameterise your query; use ? where the parameters should go and instead pass them to executeUpdate. That way, problematic characters will be handled automatically.

That would change your code to something more like:

NSString *sql = @"INSERT INTO table(COMPANY, PAGE_NO) VALUES (?,?)";
[database executeUpdate:sql, value1, [NSNumber numberWithInt:value2], nil];

Note the call to numberWithInt that is required to convert int to an NSNumber, since executeUpdate requires all its arguments to be objects, not primitive types.

Joachim Isaksson
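An added example, not code from the question or the answer: it runs the formatted-string insert and the parameterised insert side by side against an in-memory database, using the value from the question. The table name `companies`, the page numbers, the second company name and the `<FMDB/FMDB.h>` import path are assumptions made for the example.

```objc
#import <Foundation/Foundation.h>
#import <FMDB/FMDB.h>   // assumption: FMDB is linked as a framework

int main(void) {
    @autoreleasepool {
        // A nil path gives an in-memory database; "companies" is a hypothetical table.
        FMDatabase *db = [FMDatabase databaseWithPath:nil];
        if (![db open]) {
            NSLog(@"open failed: %@", [db lastErrorMessage]);
            return 1;
        }
        [db executeUpdate:@"CREATE TABLE companies (COMPANY TEXT, PAGE_NO INTEGER)"];

        NSString *value1 = @"Test'12";   // the value from the question
        int value2 = 7;                  // constructed sample value

        // Before: the value is formatted into the SQL text. The quote inside it
        // closes the string literal early, so the input changes the statement
        // itself and SQLite rejects what is left over.
        NSString *formatted = [NSString stringWithFormat:
            @"INSERT INTO companies (COMPANY, PAGE_NO) VALUES ('%@', %d)", value1, value2];
        if (![db executeUpdate:formatted]) {
            NSLog(@"formatted SQL rejected: %@", [db lastErrorMessage]);
        }

        // After: the SQL text is constant and the values are bound to the
        // placeholders, so SQLite treats them as data and never parses them.
        NSString *sql = @"INSERT INTO companies (COMPANY, PAGE_NO) VALUES (?, ?)";
        if (![db executeUpdate:sql, value1, @(value2)]) {
            NSLog(@"bound insert failed: %@", [db lastErrorMessage]);
        }

        // The same statement with the arguments collected in an array.
        if (![db executeUpdate:sql withArgumentsInArray:@[@"O'Brien & Co", @8]]) {
            NSLog(@"array insert failed: %@", [db lastErrorMessage]);
        }

        // Read the rows back to confirm the quotes were stored verbatim.
        FMResultSet *rs = [db executeQuery:
            @"SELECT COMPANY, PAGE_NO FROM companies ORDER BY PAGE_NO"];
        while ([rs next]) {
            NSLog(@"%@ (page %d)", [rs stringForColumn:@"COMPANY"],
                  [rs intForColumn:@"PAGE_NO"]);
        }
        [rs close];
        [db close];
    }
    return 0;
}
```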