Hey, When constructing an SQL string, how should the following things be escaped, if at all?
* Field names * Index names It looks like when doing a select using the Database MW thing, the field names provided do not get escaped at all. Cheers -- Jeroen De Dauw http://www.bn2vs.com Don't panic. Don't be evil. ~=[,,_,,]:3 -- _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l