j0hncage wrote: > > --- In [email protected] <mailto:php-list%40yahoogroups.com>, > James Keeline <[EMAIL PROTECTED]> wrote: > > <input type="text" name="beltsize" value="<?php echo > htmlentities($beltsize);> ?>"> > > you should have better success. > > > > James > > > > Looks like that did the trick very nicely, James. Thank you very much. > Is there any reason why a person shouldn't use that approach on each > update field to help ensure data integrity? (Just thinking that if > somehow another foot (') or inch (") character found it's way in there > on an update, I could be looking at the same thing somewhere else). > > Guess if there's no downside to the approach above, I might use that > for each update field. > > John >
> . > John - it is a very idea to use these techniques to safeguard every field in your data base, on any input or update field. Not doing so puts your data at risk to SQL injection techniques, whereby a malicious user can wreak havoc with your data. Take a few minutes to Google for "SQL Injection". Mike [Non-text portions of this message have been removed]
