> No, don't use a form;- the site can't be static HTML with scripts to > process the form.
I used PHP and lock it down pretty tight with suhosin. Not sure I would do it the same way now or not (use a cgi or something) but I am happy with it and it is another reason why I avoid online CMS systems as they often require many PHP functions and often think of security as an after thought. -- KISSIS - Keep It Simple So It's Securable
