you reserved words a this sentence would become :)
You want to ensure the incoming variables are not INTERPRETED as sql. Properly escape and quote the input.
Shaun wrote:
Hi,
does anyone know of a function i can include in my scrpits to ensure all $_POST values sent from a page don't include any SQL?
Thanks for your help
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
