John Elrick wrote:

>> A much better solution than QuotedStr is to use queries with parameters.
>> If you're going to be running the query multiple times it also gives you
>> a speed boost.
>>
>
> True, however, that assumes you will be running the query multiple times
> in a row, which I haven't experienced in our particular project.

Even if you aren't running the query multiple times, the parametric query
is a good idea.  It avoids any possibility of SQL injection, due either to
malicious users or programming mistakes.

Clay
-- 
Simple Content Management
http://www.ceamus.com
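
The point made in the message above, as an added example that is not code from anyone in this thread. Assumptions: Python's built-in `sqlite3` stands in for the database, `quoted_str` is a hypothetical re-creation of Delphi's QuotedStr, and the table and inputs are constructed.

```python
import sqlite3

def quoted_str(s):
    # Hypothetical stand-in for Delphi's QuotedStr:
    # wrap in single quotes and double any embedded single quote.
    return "'" + s.replace("'", "''") + "'"

def make_db():
    # Constructed sample data, held in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("O'Brien", "user")])
    return db

def find_concat(db, name):
    # The programming mistake: one code path builds the literal by hand
    # and never calls quoted_str, so the input becomes part of the SQL.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return sorted(r[0] for r in db.execute(sql))

def find_quoted(db, name):
    # Correct only for as long as every call site remembers quoted_str.
    sql = "SELECT name FROM users WHERE name = " + quoted_str(name)
    return sorted(r[0] for r in db.execute(sql))

def find_param(db, name):
    # Parameterized: the value is bound separately from the SQL text,
    # so it is never parsed as SQL and there is no quoting step to forget.
    sql = "SELECT name FROM users WHERE name = ?"
    return sorted(r[0] for r in db.execute(sql, (name,)))

if __name__ == "__main__":
    db = make_db()
    for value in ["O'Brien", "x' OR '1'='1"]:
        print(repr(value))
        try:
            print("  concat:", find_concat(db, value))
        except sqlite3.OperationalError as exc:
            print("  concat: query broke:", exc)
        print("  quoted:", find_quoted(db, value))
        print("  param: ", find_param(db, value))
```

The same parameterized statement text can also be reused with different bound values, which is where the speed benefit mentioned in the quoted text comes from.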

