Rick, It's a security risk because you're allowing in non-validated data. You could pass in good data, bad data, malicious data, etc. You could pass in a string that's a million characters to your database, perhaps characters that will appear in SQL, wrong ranges of numbers, constantly causing exception handling, etc. Those kind of things I am very interested in preventing.
Paul __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
