Injection attack protection #4
Description
I've posted about this on my blog (or will shortly).
It occurs to me that without parameter binding in sdb that queries could be open to injection attacks. We need to wrap incoming data that gets passed to the providers to prevent this.