Richard wrote:
It's a wise choice to go with $_POST, unless your form is a GET form,
in which case use $_GET. $_REQUEST has the potential to open your
script(s) up to security issues.

I am not sure what the security issues are you are referring to as the $_REQUEST superglobal contains both $_GET and $_POST values. Could you expound on that? Thanks.
Use quoted strings - either single or double quotes. Eg:


To answer your question though, the quotes will not protect you from SQL injection at all. It simply has to do with processing the values.

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to