2007/11/15, Mike Duffy <[EMAIL PROTECTED]>:
> No matter where this is done, the basic problem is we have single quotes, 
> double quotes, ampersands, semicolons, and parentheses in our data.

This may be off topic, but does it not suffice to use prepared
statements and parameters to avoid such attacks?

Antonio
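
An added example, not part of the original message: what bound parameters do for data containing the characters named above, shown with Python's built-in `sqlite3` module. The table, function names and sample strings are constructed for illustration, and only the SQL layer is covered.

```python
import sqlite3

# Constructed sample values using the characters named in the thread:
# single quotes, double quotes, ampersands, semicolons, parentheses.
SAMPLES = [
    "O'Brien & Sons; \"Ltd\" (UK)",
    "say \"hi\"; (a & b) 'quoted'",
]

def make_db():
    """In-memory database with one hypothetical table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)")
    return db

def insert_bound(db, body):
    # Placeholder: the value is bound to the prepared statement and is
    # never parsed as SQL, so no escaping of the data is needed.
    cur = db.execute("INSERT INTO notes (body) VALUES (?)", (body,))
    return cur.lastrowid

def insert_concat(db, body):
    # Anti-pattern, kept only for contrast: the value becomes SQL text.
    cur = db.execute("INSERT INTO notes (body) VALUES ('" + body + "')")
    return cur.lastrowid

def round_trip(db, body):
    """Store a value with a bound parameter and read it back."""
    rowid = insert_bound(db, body)
    row = db.execute("SELECT body FROM notes WHERE id = ?", (rowid,)).fetchone()
    return row[0]

def concat_fails(db, body):
    """True if building the statement by concatenation is rejected."""
    try:
        insert_concat(db, body)
    except (sqlite3.Error, sqlite3.Warning):
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    for s in SAMPLES:
        print("bound round trip intact:", round_trip(db, s) == s)
        print("concatenation rejected: ", concat_fails(db, s))
```
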
