Been a while since I've had a concerted hacker attempt, but over night this has appeared in the logs. 'sort_mode' => 'last_modified_desc\' and(/**/sElEcT 1 /**/fRoM(/**/sElEcT count(*),/**/cOnCaT((/**/sElEcT(/**/sElEcT /**/uNhEx(/**/hEx(/**/cOnCaT(0x217e21,0x4142433134355a5136324457514146504f4959434644,0x217e21)))) /**/fRoM information_schema./**/tAbLeS /**/lImIt 0,1),floor(rand(0)*2))x /**/fRoM information_schema./**/tAbLeS /**/gRoUp/**/bY x)a) Does not get anywhere since 'sort_mode' gets filtered in this case to LAST_MODIFIED DESC and the trash gets ignored. Presume this is some MySQL hack attempt ( bit lost on Firebird anyway ;) ) but the question as usual is it malicious in the content of MySQL, or just fishing? In my case it just white screens anyway so I don't know why they keep trying to send the same style of url thousands of times? -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk Rainbow Digital Media - http://rainbowdigitalmedia.co.uk -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php