You are right. I will re-write my code to use the parametrized command. I am not concerned about SQL injection. But in this particular procedure it is necessary.
>
>I'm not sure you will be able to find a workaround.
>
>See Message #
1026953.
>
>Also, as a good practice, parameterizing helps to protect against SQL injection. For upcoming development, you might want to establish a data class which does it all for you. I do not have any direct value assignation for a SQL command since years.
"The creative process is nothing but a series of crises." Isaac Bashevis Singer
"My experience is that as soon as people are old enough to know better, they don't know anything at all." Oscar Wilde
"If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money that it values more, it will lose that too." W.Somerset Maugham