Richard Kurth wrote:
if(response.indexOf('|' != -1)) {
Spot the misplaced bracket.
if($_GET['takeaction']=="delete"){ $uid=$_GET['uid']; echo $uid;
This is wide open to XSS attacks, you need to be just as careful with scripts intended to be accessed via javascript as you do with user facing scripts. If uid is as it sounds, an integer, then intval($_GET['uid']) will do nicely; otherwise at least use htmlentities() to prevent XSS.
Arpad -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php