Actually, I meant to suggest addslashes() and mysql_espace_string()

-- 
Jon Kriek
http://phpfreaks.com

"Jon Kriek" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> I concur, assign the superglobal array to a variable ...
>
>
>
> $Name = strip_slashes($_POST['elementName']);
> $sql="INSERT INTO $table SET Name='$Name'"];
>
> ... and then use that opportunity to run additional checks on the content.
>
> -- 
> Jon Kriek
> http://phpfreaks.com

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to