yes I have a peculiar SQL query that is using ACOS(), COS() etc for geolocation. I would love to use DAL but it is for a mobile device :D
*cheers On Mon, Aug 27, 2012 at 2:11 PM, Anthony <[email protected]> wrote: > Is there a reason you can't use the DAL to do the insert? > > > On Monday, August 27, 2012 4:32:09 PM UTC-4, Andrew Evans wrote: >> >> How can I escape the data submitted by my form to prevent SQL Injection. >> I read using request.post_vars does not escape the data, I am using a form >> built in HTML and submitting the data passing request.post_vars as >> variables to my SQL Query. >> >> Any ideas >> >> *cheers >> >> >> -- > > > > --
