On Tue, 2007-09-11 at 15:20 -0400, Jason Pruim wrote: > > echo "<div class=\"nav\"><A Href=\"excelexport.php\">Export to Excel</ > A><BR><A href=\"logout.php\">Logout</A><BR><a href=\"add.shtml\">Add > Record</A>"; > echo "<P class=\"total\">Total Records: $num_rows</P></div>"; While you're trying to clean up your security approach you might also spend a little time cleaning up your HTML. Your lack of a consistent discipline for tag names and attribute names is so retro 90s. You might also consider using single quotes around HTML strings to avoid having to escape all those attribute double quotes... yeah yeah I know, you've got a variable in there. Probably less work and easier on the eyes to break out of single quotes for the odd variable. Cheers, Rob. -- ........................................................... SwarmBuy.com - http://www.swarmbuy.com Leveraging the buying power of the masses! ........................................................... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
