Rod,

>> I think my contention was that is you use stored procs you wont have these problems (unless you do dynamic stuff in the procs themselves)

SPs can be just as vulnerable to injection as SPT. A RV never is. Those who have decided RVs are no good would do well to use them to create safe SQL templates for whatever mechanism they have decided is better.

>>As for your SQL injection article idea. I thought it was a jab at me more than an offer. Basically we dont publish too many VFP specific articles but if you would like to write an article on SQL injection problems in various development environments: .VFP, VB, .NET you are more than welcome. Send me your e-mail address and an abstract and we'll see what we can do.

The injection article idea was not mine, and you are correct, I did not offer to write one. I must say I I had hoped that some of those who were planning articles to educate us re injection might have proceeded regardless. Instead it seems that the fact that the dreaded RV has addressed such a "modern" concern for almost a decade, means it is not so important after all. I disagree. I'd warrant there are lots of developers out there who believe they are safe and secure if they write SPs with specific access rights.

I might consider writing an article showing users of other tools how to use VFP RVs to create safe SQL that can be used in SPT or SP. Would you publish that?

>>As for WinForms performance.... you didnt mention that it had to be in the context of a database application.

What, you thought people would come to the VFP forum and complain about graphics apps? Of course people are comparing performance of database apps in this forum.

>>Whether it is a database application or a graphics package... They all contain listboxes, textboxes, buttons, labels, etc.... Is this not the case ?

Yes. But detailed entry Winforms still load sluggishly. Fast graphic applications, games and other non-database apps do not change this.