Mike yearwood wrote: > Hi Bill > > Look into parameterizing. That way you don't need to escape values and > you prevent sql injection attacks.
Excellent suggestion!!! Is injection completely impossible if you use the parameters approach? -- Mike Babcock, MCP MB Software Solutions, LLC President, Chief Software Architect http://mbsoftwaresolutions.com http://fabmate.com http://twitter.com/mbabcock16 _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
