On Wednesday 25 July 2001 23:05, Seb Frost wrote:
> Thanks for the suggestion but it's too ugly for me :-)  I'll just stick
> with using '.  I don't foresee a problem.

> $query = "SELECT shoodID FROM shoots WHERE location='$location'";

wget http://foo.bar/yourscript.php?location=xy';delete+from+shoots+where+location+!=+'

Use Addslashes or magic_quotes_gpc.

-- 
Christian Reiniger
LGDC Webmaster (http://lgdc.sunsite.dk/)

...to paraphrase Churchill, while representative  democracy may be
terrible, it's still the best system that large corporations can buy.

- David Weinberger JOHO January 25, 2000

--
PHP General Mailing List (http://www.php.net/)
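Added example, not part of the original message: the quoted query run against an in-memory SQLite database through PDO, first with a bound parameter, then escaped with addslashes as the reply suggests, then interpolated as quoted. The sample rows and the helper `shootsLeft()` are constructed for illustration; the prepared statement goes beyond the reply's advice, and magic_quotes_gpc was removed in PHP 5.4.

```php
<?php
// Added example. Table contents are constructed; the table and column
// names follow the query quoted in the message.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE shoots (shoodID INTEGER PRIMARY KEY, location TEXT)");
$db->exec("INSERT INTO shoots (location) VALUES ('xy'), ('London'), ('Paris')");

// Hypothetical helper: number of rows still in the table.
function shootsLeft(PDO $db): int {
    return (int) $db->query("SELECT COUNT(*) FROM shoots")->fetchColumn();
}

// What $_GET['location'] holds for the URL in the message ('+' decodes to a space).
$location = "xy';delete from shoots where location != '";

// 1. Bound parameter: the value travels separately from the SQL text, so
//    its quote characters are data and cannot end the string literal.
$stmt = $db->prepare("SELECT shoodID FROM shoots WHERE location = ?");
$stmt->execute([$location]);
$matches = $stmt->fetchAll(PDO::FETCH_COLUMN);
printf("bound: %d match(es), %d rows left\n", count($matches), shootsLeft($db));

// 2. addslashes(), as the reply suggests: each quote gets a backslash.
//    Only printed here, because backslash escaping is MySQL syntax and
//    SQLite does not treat the backslash as an escape character.
$escaped = "SELECT shoodID FROM shoots WHERE location='" . addslashes($location) . "'";
echo "escaped:      $escaped\n";

// 3. Interpolated exactly as in the quoted line: the first quote in the
//    value closes the literal and the rest is parsed as SQL.
$unsafe = "SELECT shoodID FROM shoots WHERE location='$location'";
echo "interpolated: $unsafe\n";

// Whether the second statement runs depends on the driver. PDO SQLite's
// exec() runs every statement in the string, so the DELETE takes effect.
$db->exec($unsafe);
printf("after interpolated query: %d rows left\n", shootsLeft($db));
```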