Subject Re: [Firebird-Architect] Literal strings and quotes
Author Alexander Peshkoff
On Sunday 24 May 2009 06:36:15 Claudio Valderrama C. wrote:
> Sorry to come late to the discussion: do you mean that this crap will be
> enabled ALWAYS? We will have to filter incoming arbitrary strings in case
> they contain the damn sequence.
> It reminds me of the nightmare that MS caused when including escape
> sequences from Access into SQL Server for compatibility and as a result of
> this, most sites that receive user input and don't check it before
> concatenating it with a SQL command, suffer from possible weird results
> (and security problems).
> I agree with this feature, provided that it's possible to disable it, maybe
> per attachment.

Claudio, can you provide a sample where a string like:
q '! some ' text !'
is more dangerous than
' some '' text '
?