Hi, Another control that can be placed for input checking, is the specific use of $_GET or $_POST instead of $_REQUEST. This will reduce the hacking attempts. You also have to write server side validations, because there are spam programs which disguise as browsers and post useless data on your site. Plus, if you are accepting any input, ask people to enter in form and use only $_POST. If you want to pass info from one page to another, place it in $_SESSION, In my opinion, data flow should be hidden as far as possible. Regards, Manda Krishna Srikanth http://www.krishnasrikanth.com =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you [Non-text portions of this message have been removed]
