I added just into a input field" 19" enclosure which was displayed from the database as: 19\" enclosure That gives me some questions: 1. where the protecting slash comes from? 2. how can I get it away when I want to display that field? 3. The slash is not to see in phpmyadmin, why not? and: 1. what else do I need to take care with input fields and if they are going to a mysql database? 2. can I use a function for that kind of protection for each field - or even better just flag it in php to protect? 3. is HTTP_REFERER & session-id enough to make sure that no variables can be injected? bye Ronald -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
