manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Muir <rcm...@gmail.com>
Subject Re: Release?
Date Fri, 10 Dec 2010 13:03:01 GMT
On Tue, Dec 7, 2010 at 8:45 AM, Karl Wright <daddywri@gmail.com> wrote:
> I'm really not sure where you are going with this.
> Are you saying:
> (a) we should remove quoteSQLString from the abstraction completely;

right, i think a is ideal, we would use real parameters (e.g. via
PreparedStatement) for all queries, this way parameters are definitely
parameters and not to be interpreted as sql syntax... and no
quoting/escaping necessary either.

Mime
View raw message