Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
No question, Marx.
Message
From
28/04/2008 13:41:08
Dragan Nedeljkovich (Online)
Now officially retired
Zrenjanin, Serbia
 
 
To
28/04/2008 12:04:06
Mike Yearwood
Toronto, Ontario, Canada
General information
Forum:
Visual FoxPro
Category:
Client/server
Title:
Re: No question, Marx.
Environment versions
Visual FoxPro:
VFP 9 SP1
OS:
Windows XP SP1
Miscellaneous
Thread ID:
01313400
Message ID:
01313572
Views:
10
>>
>>*-- TEXT BLOCK BEGIN
>>TEXT TO lcVar NOSHOW TEXTMERGE
>>select * from table1
>>
>>-- do we want a 2nd table here?
>>
>>select * from table2
>>ENDTEXT
>>*-- TEXT BLOCK END
>>nRet=sqlexec(h, lcVar, "doh")
>>
>>This is a perfectly legal SQL statement, which would pass muster in QA, but not in VFP, because the oddball question mark at the end of a line, not followed immediately by a variable name, confuses the parser.
>>
>>So this had nothing to do with SQL injection.
>
>Yep. My mistake! Although I can't imagine why you are sending a command with comments in it. Isn't that like sending a * to execscript()? ;)

It's because the comments don't hurt (unless they contain question, Marx, and maybe other dangerous punctuation), and because I have to create a temp table, retrieve about 20 cursors joined on it, and in the end kill the temp table, so there's a few pages between Text and EndText - and I strongly believe that code should be commented. Even if it's TSQL code. So there are comments in it.
back to same old
the first online autobiography, unfinished by design
What, me reckless? I'm full of recks!
Balkans, eh? Count them.
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform