>I made the change. But as far as not changing in 15 years, I still use Visual FoxPro :). Someone may say the same thing: "I thought we were past this 15+ years ago" :)
>Thanks.
I was being prickly, but with good reason... :-)
SQL Injection is serious business, but one that can be fairly easily avoided. It's been widely discussed for many years in any and all programming languages and tools. So I'm surprised to see it still pop up today... Not only that but using named parameters also avoids all sorts of drive by side effects for value encoding that manual injection invariably causes.
+++ Rick ---