Re: sql escaping module - Frank Millman Followup

2005-12-09 Thread Steve Holden
David Bear wrote: >>Steve Holden wrote: > > >>Fredrik Lundh wrote: >> >>>Frank Millman wrote: >>> >>> >>> Each of the APIs includes the capability of passing commands in the form of 'string + parameters' directly into the database. This means that the data values are never embedded i

Re: sql escaping module - Frank Millman Followup

2005-12-08 Thread Frank Millman
David Bear wrote: > > The statement above can cause relief or pain. Letting the DBAPI handle > proper string escapes, formatting, etc., is a big relief. However, I am > still wondering what happens under the covers. If I have a string '1\n' > that I've read from some source and I really intend on i

Re: sql escaping module - Frank Millman Followup

2005-12-08 Thread David Bear
>Steve Holden wrote: > Fredrik Lundh wrote: >> Frank Millman wrote: >> >> >>>Each of the APIs includes the capability of passing commands in the >>>form of 'string + parameters' directly into the database. This means >>>that the data values are never embedded into the SQL command at all, >>>an