MSSQL LIKE and IN statements in ADO problem

[gregarican]

Thanks. Please keep us posted. For some of my potentially exposed areas
I was just doing regex lookups against the input parameter to filter
out possible SQL injection keywords. Obviously not as elegant and
efficient as using ADO parameters to strictly define the data that
should be coming into the SQL statement. Playing around with the code
you provided yesterday I had problems using an ADO parameter as a
condition of the SQL LIKE statement. Not sure if that's an ADO
limitation, a Python ADO limitation, or my relative ignorance :-)