Bound Parameters

Statement parameters are special tokens that are inserted into the SQL command string before it is passed to one of the sqlite3_prepare_xxx() functions. They act as a placeholder for any literal value, such as a bare number or a single quote string. After the statement is prepared, but before it is executed, you can bind specific values to each statement parameter. Once you’re done executing a statement, you can reset the statement, bind new values to the parameters, and execute the statement again—only this time with the new values.

Parameter Tokens

SQLite supports five different styles of statement parameters. These short string tokens are placed directly into the SQL command string, which can then be passed to one of the sqlite3_prepare_xxx() functions. Once the statement is prepared, the individual parameters are referenced by index.

?

An anonymous parameter with automatic index. As the statement is processed, each anonymous parameter is assigned a unique, sequential index value, starting with one.

?<index>

Parameter with explicit numeric index. Duplicate indexes allow the same value to be bound multiple places in the same statement.

:<name>

A named parameter with an automatic index. Duplicate names allow the same value to be bound multiple places in the same statement.

@<name>

A named parameter with an automatic index. Duplicate names allow the same value to be bound multiple places in the same statement. Works exactly like the colon parameter.

$<name>

A named ...

Get Using SQLite now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.