Also... Along the same lines I wanted to add that allowing the user to 
run their own SQL to get the query results they want is just NOT a good 
idea.  I remember a while back when the 'other' Tango company had a 
mailing list server (you know, the one that crashes all the time) that had a 
search engine which allowed you to enter your own SQL query to get 
information posted to the list.  If that's not a bad idea, I don't know 
what is.  It is in cases like that that you open yourself up to the 
massive security holes, so wide open in this case it's ridiculous, that 
anyone with a little time on their hands and a little bit of malicious 
attitude can not only get your server bogged down, but would darn right 
crash it if they wanted to.

Now I know that the list search was running on an Access database, but 
come on... how hard is THAT to crash without doing anything to it, let 
alone give the users (most of whom are developers in this case) the 
ability to do whatever they want to get data out?

You write poorly, you get poor results and suffer the consequences.  It 
doesn't take a genius to figure that out.

Just my opinion.  Don't smack me around too hard.
R
