This reply has two purposes.
Firstly, a small suggestion (modest compared to the others which will
follow, no doubt!) - check out mysql_escape_string() - this may be useful to
you.
Secondly, a further question:
In addition to protecting against SQL Injection, has anyone here
experimented with de
Hi Jigal, others,
> > Can someone shed some light on how "SQL injection" attack occurs when
> > *magic_quotes_gpc *is"ON" and how it prevents when its "OFF". To my
> > understanding apostrophise are escaped automatically in POST/GET/COOKIE
> > when its ON, so how it tends towards SQL Injection.
From: "Tariq Murtaza" <[EMAIL PROTECTED]>
> Can someone shed some light on how "SQL injection" attack occurs when
> *magic_quotes_gpc *is"ON" and how it prevents when its "OFF". To my
> understanding apostrophise are escaped automatically in POST/GET/COOKIE
> when its ON, so how it tends towards
