How to insert statements that contains apostrophes into Sqlite database

In my iPhone app I am using an Sqlite database. I have a requireme开发者_JAVA百科nt to store the text in database. The text contains apostrophes.

For example:

Insert into tbl_insert values ('It is Steve's Shirt');

How to store this kind of statements in Sqlite database?

This is something that I go through in SQL Server and MySQL as well. You should definitely use parameterised SQL queries

See this page for examples in many languages.

I strongly discourage the use of literal strings in the update statement. Use parameterized queries. There's no reason to compromise security

You can write a function which replaces each instance of character ' with ''

http://www.kamath.com/codelibrary/cl003_apostrophe.asp

Simply replace ' characters to ` :)

text = text.replace("'", "`");

With python and sqlite3 i found that the following line worked perfectly (replacing ' with '')

myString = myString.replace('\'', '\'\'')

the string can then be concatenated in an UPDATE command

The line is stored and displayed correctly. It also works great with Grafana.

I'm not yet sure if this is specific to the sqlite3 python module or if it can be generalized