> > About the sql injection, the db user I set for this has only select > privileges, should I be worried even with this ? > Absolutely. If I have select privs, I could possibly select passwords, credit card numbers, or whatever else sensitive info you have in your db. JM -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
