From: "Matt Babineau" <[EMAIL PROTECTED]> > Does anyone have a function or something they have already written to > remove any URL hacking characters, mainly the single quote, but I'm > looking for a nice function to filter my _GET variables against. Gotta > protect the database...ya know :)
Just escape your single quotes. That's all you need to do. Either use addslashes() if your database requires quotes to be escaped with a backslash, or use a str_replace() function if your database requires single quotes to be escaped with a single quote. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php