Also, please note that if you're using MySQL you don't have to bother at all security-wise - MySQL won't accept more than one query per mysql_query(). You do have to bother about regular errors though - if $f_namn or $email contain quotes (which $email might well contain) then you're going to end up with a database ERROR - but no harm done.


John W. Holmes wrote:
addslashes should be enough and put quotes around your strings in the

 Meaning that a query like this one is safe, as long as I first have
$e_namn = addslashes($e_namn);?

$query = "INSERT INTO addr (last_name, first_name, email)

Yeah, as long as you do the same for $f_namn and $email.

John Holmes
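The quote-handling problem discussed in this thread, as an added example that is not part of the original messages: it uses bound parameters (PDO prepared statements) rather than addslashes, so all three fields are handled in one step. Assumptions: the VALUES clause (the query in the thread is cut off), the constructed sample values, and an in-memory SQLite database standing in for the MySQL server so the script runs offline.

```php
<?php
declare(strict_types=1);

// In-memory SQLite stands in for MySQL (assumption, so the script runs offline).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE addr (last_name TEXT, first_name TEXT, email TEXT)');

// Constructed sample values; each one contains a single quote.
$e_namn = "O'Brien";
$f_namn = "D'Arcy";
$email  = "d'arcy.o'brien@example.com";

// 1. Values pasted into the SQL text unescaped: the first quote ends the
//    string literal early and the statement fails to parse.
//    The VALUES clause is assumed; the thread's query is truncated.
try {
    $pdo->exec("INSERT INTO addr (last_name, first_name, email)
                VALUES ('$e_namn', '$f_namn', '$email')");
    echo "unescaped insert: ok\n";
} catch (PDOException $e) {
    echo "unescaped insert: database error\n";
}

// 2. Bound parameters: the values travel separately from the SQL text,
//    so there is no per-field escaping step to forget.
$stmt = $pdo->prepare(
    'INSERT INTO addr (last_name, first_name, email) VALUES (?, ?, ?)'
);
$stmt->execute([$e_namn, $f_namn, $email]);

// Read the row back and confirm the values were stored byte for byte.
$row = $pdo->query('SELECT last_name, first_name, email FROM addr')
           ->fetch(PDO::FETCH_ASSOC);

$expected = [
    'last_name'  => $e_namn,
    'first_name' => $f_namn,
    'email'      => $email,
];
echo 'round trip intact: ', ($row === $expected ? 'yes' : 'no'), "\n";
echo 'rows in table: ', $pdo->query('SELECT COUNT(*) FROM addr')->fetchColumn(), "\n";
```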

