My First Post.
Question is about the SQLify() function mentioned in Page 204 of Introduction to programming with Xojo. The function replaces single quotes in user_input text with 2 single quotes before the user_input is used in an SQL statement created by string concatenation.
search_input = ReplaceAll(user_input, "'", "''")
If I am using a prepared statement instead of a concatenated string, do I still need to use the SQLify() function to escape the single quotes ?