Andy Pieters wrote:
Hi

Whilst you are searching the net, you might also want to search for 'sql injection'. This is no joke!

Please use the mysql_escape_string on each variable you get from the user side.

Use mysql_real_escape_string() instead.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
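The advice in this thread, as an added example that is not part of the original messages: escaping protects a value only when it is placed inside a quoted SQL string, so values used as numbers need validation instead. `escape_like_mysql()`, the `users` table and both query-building functions are hypothetical; the helper applies the character rules documented for `mysql_real_escape_string()` so the script runs without a database connection.

```php
<?php
// Added example, not code from the thread.
// escape_like_mysql() is a hypothetical stand-in for the driver's escaping
// function. The real function also takes the connection character set into
// account, which this stand-in does not.
function escape_like_mysql(string $s): string
{
    return strtr($s, [
        "\\"   => "\\\\",
        "\0"   => "\\0",
        "\n"   => "\\n",
        "\r"   => "\\r",
        "'"    => "\\'",
        '"'    => '\\"',
        "\x1a" => "\\Z",
    ]);
}

// String context: the escaped value sits between quotes, so a quote typed by
// the user stays part of the literal instead of ending it.
function user_by_name(string $name): string
{
    return "SELECT * FROM users WHERE name = '" . escape_like_mysql($name) . "'";
}

// Numeric context: there are no quotes to break out of, so escaping changes
// nothing here. Validate the type and reject anything that is not a number.
function user_by_id(string $id): string
{
    if (!ctype_digit($id)) {
        throw new InvalidArgumentException('id must be a non-negative integer');
    }
    return 'SELECT * FROM users WHERE id = ' . (int) $id;
}

// Constructed sample inputs standing in for $_GET / $_POST values.
echo user_by_name("O'Reilly"), "\n";
echo user_by_name("x' OR '1'='1"), "\n";
echo user_by_id('42'), "\n";
try {
    echo user_by_id('42 OR 1=1'), "\n";
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The `mysql_*` functions named in the thread were removed in PHP 7.0; with `mysqli` the equivalent call is `mysqli_real_escape_string()`, and prepared statements avoid building the query string by hand at all.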


