Nathan Gross wrote: > Woa! Let me verify. If I pass a qry string: > "SELECT Anyfield from Anytable where Anyfield = 'The man was 100% correct' " > to a Connector/J Statement (or PreparedStatement via parameters), the > driver will automatically [behind the scenes] escape the percent sign?
Again, this is a function of *PreparedStatement*s. You'll also find references to them as you research "SQL injection attack" :-) HTH! -- Hassan Schroeder ----------------------------- [EMAIL PROTECTED] Webtuitive Design === (+1) 408-938-0567 === http://webtuitive.com dream. code. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
