interpolation proposals and safety

[Bruce Carneal]

Are both of the interpolation proposals (1027 and 1036e) equally 
helpful when seeking to avoid SQL injection attacks, DOM XSS 
vulnerabilities and the like?

Is it really easy, trivial even, to button things up with either 
proposal or is one easier to use correctly than the other?

I am neither an SQL savant nor a Web programmer, but it seems 
like safety in this area would be a real plus for D going forward.