On Saturday, February 05, 2011 12:56:42 pm Adrian Klaver wrote:
> On Saturday, February 05, 2011 12:46:42 pm John Fabiani wrote:
> > I was discussing Dabo and not anything else. The code example works for
> > most of what I do (if not all of the code I write). As far as SQL
> > injections I do not see the difference between using python's '%s'
> > passing the complete sql statement and passing the '?' with the
> > variable. As far as I know (and it's been my experience) that I can
> > pass the complete statement to Dabo methods without any issues.
> >
> > Johnf
>
> http://xkcd.com/327/

Exactly - clean up the input
Johnf
_______________________________________________
Post Messages to: Dabo-users@leafe.com
Subscription Maintenance: http://leafe.com/mailman/listinfo/dabo-users
Searchable Archives: http://leafe.com/archives/search/dabo-users
This message: http://leafe.com/archives/byMID/201102051317.09767.jo...@jfcomputer.com
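
Added example, not part of the original thread and not Dabo code: the two styles the message compares, '%s' interpolation into the complete statement versus a '?' placeholder with the variable passed separately, run side by side with Python's standard sqlite3 module. The table, the helper names and the three input strings are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory table holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE students (name TEXT, grade TEXT)")
    conn.executemany(
        "INSERT INTO students VALUES (?, ?)",
        [("alice", "A"), ("bob", "B"), ("carol", "C")],
    )
    return conn


def lookup_formatted(conn, name):
    """'%s' style: the value is pasted into the SQL text before parsing."""
    sql = "SELECT name, grade FROM students WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_bound(conn, name):
    """'?' style: the statement is fixed; the value travels as data only."""
    sql = "SELECT name, grade FROM students WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def outcome(func, conn, name):
    """Return the rows, or the exception class name if the query fails."""
    try:
        return func(conn, name)
    except sqlite3.Error as exc:
        return type(exc).__name__


# Constructed inputs: an ordinary name, a legitimate name containing a
# quote, and a value whose quote changes the meaning of the WHERE clause.
BENIGN = "bob"
QUOTED = "O'Brien"
CRAFTED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for value in (BENIGN, QUOTED, CRAFTED):
        print(repr(value))
        print("  '%s' :", outcome(lookup_formatted, db, value))
        print("  '?'  :", outcome(lookup_bound, db, value))
```

With the interpolated statement the quoted name fails to parse and the crafted value matches every row; with the placeholder both are simply names that match nothing.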