Injection
Published on 12/03/2015 23:46
Original: Injection
Transcription ↓
real story;
string sender;
sender = "Diego Pablo";
Programmer: You shouldn't pass a form field value right to the SQL. A hacker could manipulate your query!
Alonso: Oh, but I don't do this! First I put the value in a variable, then the variable goes to the SQL!
Programmer: PLAFT!
--
T-shirt: XAVIER INSTITUTE FOR GIFTED PROGRAMMERS