> Be very careful with this type of code. The code you are showing here is a prime candidate for a SQL Injection attack. I would recommend looking into implementing some type of parameter mechanism for this method.
Could you provide more information on what you mean? We use this approach in Visual FoxPro and I never had any problem with it.