1lt John W. Holmes wrote:
addslashes should be enough and put qoutes arround your strings in thesqlMeaning that a query like this one is safe, as long as I first have $e_namn = addslashes($e_namn);? $query = "INSERT INTO addr (last_name, first_name, email) VALUES(\"$e_namn\",\"$f_namn\",\"$email\")";Yeah, as long as you do the same for $f_namn and $email. ---John Holmes...
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php