On Monday 06 September 2004 14:08, Peter Brodersen wrote: > On Mon, 6 Sep 2004 13:33:02 +0800, in php.general > > [EMAIL PROTECTED] (Jason Wong) wrote: > >> $username = trim(addslashes($_POST['user_name'])); > >> $pass = trim(addslashes($_POST['password'])); > > > >addslashes() is not needed as you're performing SELECT query and not an > > INSERT query. > > How did you come up with that? The escape mechanism is the same for > SELECT and INSERT.
Sorry, you're right. I'll go back to sleep now! -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * ------------------------------------------ Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general ------------------------------------------ /* A beautiful woman is a blessing from Heaven, but a good cigar is a smoke. -- Kipling */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php