This is for a university project and the requirements state we only need to have a program with basic interaction with a database, we wont be expected to guard against injection attacks. Saying that it will still have good string sanitation and validation.
Originally Posted by Salem
Sorry I should not have put the table name in bold, this isn't for the user to change. The application is a basic address book, the only inputs they will be giving are for fields like FIRST_NAME etc.
Originally Posted by laserlight
This is what I'm trying to do more or less.
cont char *userstring = "test";
queries[ind++] = ("INSERT INTO table VALUES('%s','string',0)", userstring);
retval = sqlite3_exec(handle,queries[ind-1],0,0,0);
Error I get is: warning: assignment from incompatible pointer type
Thank you for your replies so far I appreciate it. Sorry if I haven't been clear I'm have trouble with C as I'm not really used to imperative programming.