On Apr 15, 2006, at 11:07 AM, Jan Erik Moström wrote:
Hans-Georg <[EMAIL PROTECTED]> 2006-04-15 17:18:
You could use the poor man's "pre-compiled" approach:
Const PrecompiledString = "select a,b,c where d = #1 and e = #2"
Dim SelectString As String = PrecompiledString.Replace(#1, "first
string").Replace(#2, "second string" )
Yes but this doesn't protect against "sql injection" (or whatever it's
called) ?
jem
Using a bind variable doesn't either
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
