string TheName = "David"; string UserTable = "INSERT INTO USER (name) values (TheName)"; SQLiteCommand command2 = new SQLiteCommand(UserTable, m_dbConnection); command2.ExecuteNonQuery();
I was wondering if it is possible to insert a variable in my SQLite table (like the TheName in the example code) , and if it is how are you able to do it ?
Advertisement
Answer
You need parameterized queries:
command2.CommandText = "INSERT INTO User (name) VALUES(@param1)";
command2.CommandType = CommandType.Text;
command2.Parameters.Add(new SQLiteParameter("@param1", TheName));