>>Do you see any potential security issues with this i.e. sql injection via the email
As far as SQL injection is concerned, the risk is pretty low with an Access database, since it cannot process multi-statement SQL command. Unless there are tricks I don't know, all SQL injections are based on multi-statement commands. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:325434 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4