First I'm a bit unsure , because in the manual it states that you must use mysql_real_escape_string on binary data. So first question, what constitutues binary data, a file or just an integer? Second question - Since magic_quote_gpc is enabled on my server (and I have no choice) - I gather I must use addslashes() 3rd- Some of the user input translates to an int value where I later do a join for the actual label. I believe those fields are protected naturally since the database won't accept anything but an int. 4th - With both of these functions it looks like they become part of the sql query. I could use some help in understanding how to set up variables using both functions. In otherwords, an example of how they get coded. Thank you , Stuart -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
