>> Rule #1. >> Never, ever, ever, alter the user's input, EXCEPT for >> sanitizing/filtering. > >Probably shouldn't recommend sanitizing then. Only validate & reject. :P mea culpa I meant ESCAPING, of course. If it doesn't pass sanitizing/filtering, it's probably better to just "reject" and force re-entry by the user. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
