On Thu, May 21, 2015 at 7:15 PM, Simon Slavin <slavins at bigfraud.org> wrote: > > > Also, savepoint names can't be used as parameters when binding.
Does that mean that I can't prepare this: "SAVEPOINT :name"? What would be the recommended method of preventing SQL injection for this? -- ?u?op-?p?sdn s? ?o??uo? ?no? 's??? p??? u?? no? ??