09-19-2013 04:07 PM - edited 09-19-2013 04:41 PM
Extremely good point! I've been developing for the desktop for over 25 years so I just take that step for granted. Also, in my app the user has no access to the SQLite engine, so I didn't have to protect against injections, but if you plan on allowing users to enter data into your database via a form, you need to take SQL injection seriously.
Even if your app only needs simple flat file storage there is still a good reason to put your data into a SQL table... indexes. Data stored in an INI file must be read sequentially till the parser gets to the key and value you request. If you are storing a fair amount this can take quite a while, especially if you are doing lots of random searches in a row. By defining one or more indexes on your SQL table you get the benefit of binary-tree searches which are lightning fast by comparison. Writing data to INI files is even worse since the entire file must be rewritten on the disk to update or insert even a single key-data pair. SQL avoids this by writing the new data to the end of the file then updating the indexes to point to it.
Another benefit of SQL over INI file storage is transactions. If the user reboots their phone in the middle of your application writing the INI file to disk, the file is going to be damaged, often irretrievably. By using SQL and putting your data update inside a transaction, if anything goes wrong partway through, the database will just roll the data back to the state it was in before you started the update.
For anything more than trivial settings or data storage you really should be using SQLite.
SQL is pretty great, I'd highly recommend any developer know how to use it at least in basic form. We have some sample apps that demonstrate the use of SQLite with lists like Quotes: https://github.com/blackberry/Cascades-Samples/tre
Everything greenmr said was correct, but I would add that before you implement any SQL in your app, you should know what an SQL Injection Attack is, how it works, and how to avoid it. Otherwise, you are going to have a bad time. It's not particularilly difficult to avoid, but you should do the research yourself so you really understand it, since it's a pretty common vulnerability.