On 26 Apr 2012, at 18:37, Jim Giner wrote: > I"m no expert, but why would you expose a query to the world thru the use of > a GET? Why not just collect the params and build the string in your code? > That is how people hack into your database - via a re-formed query. You're > giving someone an open invitation. A "query string" has nothing to do with databases. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
