Mike Yearwood
Toronto, Ontario, Canada
General information
Category:
Coding, syntax & commands
>>I'm not expert in Access, but you should continue to use the question marks. That makes the values parameters. Concatenating user content into SQL commands is the classic newbie mistake that leads to SQL Injection Attacks.
>
>As long as her home development computer is not acting as a publicly available web server the probability of an SQL Injection attack is 0.
A SQL Injection attack is when a piece of SQL is injected into any SQL sent to a database server. It is not limited to the web.
Previous
Next
Reply
View the map of this thread
View the map of this thread starting from this message only
View all messages of this thread
View all messages of this thread starting from this message only