There is a bug in views where parameterized SQL statements don't work, which is what we used by default in our recordsets to prevent SQL injection. But when you don't have a parameter you are passing in, it isn't really necessary, so the latest version doesn't use a parameterized SQL statement when no parameters are set.
It is a bug we have worked around in the latest version of the rsobj.php file that I've uploaded to the server. Save that file so you can use it if you run into this problem in the future.