Geoff Caplan <geoff@variosoft.com> writes:
> But in web work, you are often using GET/POST data directly in your
> SQL clauses, so the untrusted data is part of the query syntax and not
> just a value.
Can you give an example of this that isn't also an example of
obviously bad application design?
-Doug
--
Let us cross over the river, and rest under the shade of the trees.
--T. J. Jackson, 1863