[AppDB] - protect sql insert statements from injection attacks

[Tony Lambregts]

Chris Morgan wrote:
> Here is the new version.  I've switched to the fully expanded method of 
> writing out the sql.  This is the same format used by several db wrapper 
> libraries, in prepared sql statements and is the recommended style under 
> c#/.net for queries.
> 
> I've tested creating new users and distributions and submitting an 
> application.
> 
I have tested the patch thoroughly and it looks good to me.

--

Tony Lambregts