> <just_wondering> > > Why is it that 20 some-odd people posted responses and no one mentioned > using Replace() (or the possibility of a SQL injection attack) as well? > > </just_wondering> > > Promoting best practices should be on the mind of all of us. I am even > guilty of this in this scenario. I should have mentioned that even in > MSAccess you can use a Command object for querydefs or parameterized queries > in the VBScript code itself.
The original post cited only a variable name. It was unknown if it'd been replaced prior. Nor would it be known of other 'best practices' such as Option Explicit, Magic Numbers, etc. Are you suggesting that all 'best practices' be named for every response? --- You are currently subscribed to activeserverpages as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
