#33 SQLiteManager has many bugs.

[Anonymous]

SQLiteManager has many bugs.

Read the SQLite keywords.
http://sqlite.org/lang_keywords.html

example
create table 'table'('integer' integer);
create table 'int'('%' integer);
create table '&'('=' integer);
this is a right syntax.

edit ,veiw and more
SQLiteManager coruse error.

trigger-name
table-name
column-name
index-name
view-name
...-name

These value must be escaped.

to use quotes() function

:example
brackets($table)
--> quotes(brackets($table))

brackets($champ)
--> quotes(brackets($champ))

brackets(cleanFieldName($value))
--> quotes(brackets(cleanFieldName($value)))

$this->table
--> quotes($this->table)

brackets($this->table)
--> quotes(brackets($this->table))

brackets($indexInfo['name'])
--> quotes(brackets($indexInfo['name']))

quotes(brackets($itemName))

table='.$this->table
table='.htmlentities(urlencode($this->table))

table='.$GLOBALS['table']
table='.htmlentities(urlencode($GLOBALS['table']))

htmlentities(urlencode($accessResult))
htmlentities(urlencode($GLOBALS[strtolower($Items)]))

[Gandalf]

Logged In: YES
user_id=1598437

He just means you should add some quotations in the SQL
Strings. Otherwise the SQL statements don't work the right way.

Example:
SQLiteManager: DROP TABLE TABLE
Right SQL String: DROP TABLE 'TABLE'

There are many keywords and special letters (like & or %)
which have to be writen in qoutes.