Monthly Archives: October 2009

How to prevent SQL Injections

http://stackoverflow.com/questions/1973/what-is-the-best-way-to-avoid-sql-injection-attacks

Golden Rules:

3: Custom-Written Value Sanitation. Avoid writing your own sanitation routines as much as possible except when it’s absolutely the only option remaining (which is very unlikely in any modern language). Input sanitation is a hard problem, and the costs of getting it wrong are huge. It’s best to leave that job to [...]

XOWIKI – db structure

xowiki pages are managed with the OpenACS Content repository.

XOWIKI pages: For each page there’s an entry in cr_items

projop=# \d cr_items
           Table "public.cr_items"
    Column     |          Type          | Modifiers
---------------+------------------------+-----------
 item_id       | integer                | not null
 parent_id     | integer                | not null
 name          | character varying(400) | not null
 locale        | character varying(4)   |
 live_revision [...]