If you are unsure if you should use ".ExecNonQuery2(..., ...)" you will find important hints here:
-
Welcome to B4X forum!
B4X is a set of simple and powerful cross platform RAD tools:
- B4A (free) - Android development
- B4J (free) - Desktop and Server development
- B4i - iOS development
- B4R (free) - Arduino, ESP8266 and ESP32 development
[Good read] SQL injection is still a thing today?
- Thread starter fredo
- Start date
- Similar Threads Similar Threads
Another good read (http://www.sommarskog.se/dynamic_sql.html). The title is: The Curse and Blessings of Dynamic SQL. If you think you need to use dynamic SQL, think really, really hard about why (and 99.99999% of the time you should not). Technically, dynamic SQL should only be used by administrators/for administrators. User's and front end applications should never be exposed to nor be given access to dynamic SQL. Obligatory xkcd link (https://xkcd.com/327/).