[EMAIL PROTECTED] wrote: > Isn't that called input validation and something that should be done > anyways?
True. But some input validation is a bit aggressive. How many broken Web forms out there don't permit "+" in an e-mail address? And my colleague, Dave O'Neill, can tell lots of horror stories about how his name is mangled by aggressive-but-incorrect SQL-injection countermeasures. :-( Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
