Darren New wrote:
For PHP and MySQL, it's not the wrong way to go. True, you need to throttle your SQL thru the MySqlEscape function, but really, if you're manually concatenating things together to make SQL, you should be making a library or something.
Yes, I will probably recommend the making of a library as well.
This is really as much a DB question as it is a PHP question. Which DB are you using?
MySQL -- Tracy R Reed Read my blog at http://ultraviolet.org Key fingerprint = D4A8 4860 535C ABF8 BA97 25A6 F4F2 1829 9615 02AD Non-GPG signed mail gets read only if I can find it among the spam. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
