Ross wrote:
> Can I put post values directly into insert statements?
>
> $query = "INSERT INTO categories (category_name) VALUES
> ('$_POST['cat_name'])";
>
Yes you can, but it is not secure to do that!
use (insecure):
$query = "INSERT INTO categories (category_name) VALUES
('{$_POST['cat_name']}')";
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
