Thank you for that. And excuse the inexperience, but how would I use an Array with the below? I mean say I had words such as this,is,a,bad,word (Just as examples as I can't post what I'm trying to block on here) how would I loop through those to check if any of them exist and if they do THEN execute the error script? I'm not too good with Arrays - but I'm learning. Thank you Chris If you POST from your form use $_POST, or $_GET for a form GET foreach($_POST as $key => $value){ if( strpos($value, $findme) !== false ){ //$findme was found in $value } } http://php.net/manual/en/reserved.variables.php http://us2.php.net/manual/en/control-structures.foreach.php http://us2.php.net/strpos Yes, that's !== or === -----Original Message----- From: Chris Payne [mailto:chris@xxxxxxxxxxxx] Sent: Thursday, March 09, 2006 5:21 PM To: php-db@xxxxxxxxxxxxx Subject: Database abuse help needed Hi there everyone, Is there a better way I can do this? if ($email == "mur@xxxxxxx" OR $subject == "Rulez666" Basically, if I have data coming from a form to a DB, is there a better way to say check EVERY variable for a specific set of words rather than doing $name, $subject etc .... seperately? The reason I ask is my scripts are being exploited and I can fix it when the attacks happen, but i'd like to be able to have a string which checks all the form data and takes action if a word I define in a list exists. So, instead of doing if ($name == " mememe " ...... if($email == " Rulez666@xxxxxxxxxxxx " ....... I could just have a simple statement with a group of words, and if one of the words appears it takes an action I specify such as do not proceed to add to DB etc .... Any help would be greatly appreciated as I am tired of keep writing the same scripts with different variables, i'd love to just grab all the variables from the form and perform the action ONCE on the incoming form data and then all the variables are affected instead of doing each one. Please save me from going nuts :-) Chris -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date: 3/9/2006 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php