Nope, nothing you can do on the server end. The server will only
accept syntactically correct SQL statement and broken strings will
undermine that.
In practice, if you are careful to at least escape the quotes (ie '
--> \' ), you can avoid nasty SQL injection attacks, although some
statements m
Thanks michael,
Good question/observation - I am using a main stream language - an
almost-homemade scripting language
which does have a "replace" functionality which allows me to replave a ' with
\' - on a
per field basis - as i have which dozens of fields to attend to, and would have
to code
