On 26 Apr 2012, at 18:37, Jim Giner wrote:
> I"m no expert, but why would you expose a query to the world thru the use of
> a GET? Why not just collect the params and build the string in your code?
> That is how people hack into your database - via a re-formed query. You're
> giving someone an open invitation.
A "query string" has nothing to do with databases.
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php