SQLite injection - Doing something wrong with querying


I'm trying to do some Sqlite querying but I don't know if I'm doing it correctly because this feels really unsave to do. So my question is how do I fix this. I'm new to the whole Xamarin and Sqlite usage.

I'm only making a Android project so it is not a cross platform application. I also cant seem to figure out where to get Mono.Data.Sqlite if I even need it.

static public List<Users> SelectUser(string name) { try { var dbConn = new SQLiteConnection(DatabasePath); { return dbConn.Query<Users>("SELECT name, email FROM TblUsers where name = " + name+ ";"); } } catch (SQLiteException ex) { return null; } }

Best Answer


Sign In or Register to comment.