Since your `properQuote` doesn't quote at all, it is neither correct nor safe. To prevent SQL injections, use the existing `db_*` modules from the stdlib.
- SQL Injection Attack Prevention iwcoetzer
- Re: SQL Injection Attack Prevention Araq
- Re: SQL Injection Attack Prevention coffeepot
- Re: SQL Injection Attack Prevention Araq
- Re: SQL Injection Attack Prevention iwcoetzer
- Re: SQL Injection Attack Prevention iwcoetzer
- Re: SQL Injection Attack Prevention coffeepot