What's the best practice to escape parameters when using Titanium.Database.DB.execute ?
This may be what you're looking for, no?
I'd like to rephrase the above question in "Is there any practice with regards to escaping parameters when using Ti.Database.DB.execute?".
Right now I am parsing a feed server side with PHP's sql_escape_string and use the outcome of that, far from ideal.