> Sorry, let me clearify.. unless UserId is an integer, quote it !! And quoting integers is not a problem, I even prefer it. IMHO we should tell people to quote all values so if someone "forgets" to do any sort of input validation (i.e. make sure it's actually an integer) there won't be a major problem otherwise problems (including SQL injection) may arise.
Regards, Philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
