> > In my web-application SQL Transformer takes user input and > uses it "as > > is" in its request string. Are there simple ways to process > user input > > to prevent SQL Injection?
> > Use <esql:parameter>. > > Ugo As I see using <esql:parameter> needs stored procedure support.. but we haven't it there. ;( anyway - can I solve my problem using _SQL Transformer_ (not ESQL!) Ilya --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
