Ok I know this isn't a MySQL mailing list, but the question pertains to rom :P
I was wonder is there a function that mysql has that I should run any of like my descriptions or that threw before passing it off to the sql? Sort of like I have the mud smash_tilde any string that is going to be placed into a pfile. Is there anything like that? I know theres one that will parse out any html that my be laced in the string. I mean I might sound paranoid but I'm looking at it from this angle... I plan to have my notes in a sql database, then I plan to have a website where you could login and read your notes. Now what is to stop someone from writing a note in the mud, lace it with their own php script that lets say at worese case senario opens a pipe and they send to the shell a 'rm -rf *' kind of command. Thats not going to be cute to see all that happen... So does is there a library or what not that already parses this kind of stuff out? Or would i have to make my own?
