| Subject | RE: [Firebird-Architect] Literal strings and quotes |
|---|---|
| Author | Claudio Valderrama C. |
| Post date | 2009-05-24T02:36:15Z |
> -----Original Message-----...
> From: Firebird-Architect@yahoogroups.com
> [mailto:Firebird-Architect@yahoogroups.com] On Behalf Of
> Adriano dos Santos Fernandes
> Sent: Martes, 19 de Mayo de 2009 11:34
>
> Oracle has a feature where you can use quotes inside strings without
> need to double them.
>
>Sorry to come late to the discussion: do you mean that this crap will be
> I propose the same thing for Firebird.
enabled ALWAYS? We will have to filter incoming arbitrary strings in case
they contain the damn sequence.
It remembers me the nightmare that MS caused when including escape sequences
from Access into Sql Server for compatibility and as result of this, most
sites that receive user input and don't check it before concatenating it
with a SQL command, suffer from possible weird results (and security
problems).
I agree with this feature, provided that's possible to disable it, maybe per
attachment.
C.