"Zeugswetter Andreas SB SD" <[EMAIL PROTECTED]> writes: > Yes, but what is currently missing is a protocol to the backend > where a statement is prepared with placeholders and then executed > (multiple times) with given values. Then there is no doubt what is a > value, and what a part of the SQL.
This wouldn't have helped in the current case. The bug is in the datetime parser which translates strings to an external representation, not in the SQL parser. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
