On 12/21/05, Hassan Schroeder <[EMAIL PROTECTED]> wrote: > Nathan Gross wrote: > > > Woa! Let me verify. If I pass a qry string: > > "SELECT Anyfield from Anytable where Anyfield = 'The man was 100% correct' > > " > > to a Connector/J Statement (or PreparedStatement via parameters), the > > driver will automatically [behind the scenes] escape the percent sign? > > Again, this is a function of *PreparedStatement*s. You'll also find > references to them as you research "SQL injection attack" :-) > Will do. Thanks; -nat
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]