Thanx that is good news i dont use the :raw operator.


On Fri, 2010-06-25 at 10:55 +0200, Marijn Haverbeke wrote: 
Hi Phil,

> How susceptible is dao objects to sql injection and what measures would
> be suggested to prevent sql injection if it is possible with dao objects.

Unless I made a major blunder somewhere, proper use of s-sql and dao
objects are completely safe from sql injection. (Improper use would be
inserting an unescaped string using the :raw operator.)

Best,
Marijn

_______________________________________________
postmodern-devel mailing list
postmodern-devel@common-lisp.net
http://common-lisp.net/cgi-bin/mailman/listinfo/postmodern-devel