I hope you are not allowing the client to send T-SQL through the query string. Consider them sending something like File.php?Query='; drop table XXX; -- Charles Killmer -----Original Message----- From: George Pitcher [mailto:george.pitcher@xxxxxxxxxxx] Sent: Thursday, May 20, 2004 8:25 AM To: php-windows@xxxxxxxxxxxxx Subject: Passing +, =, - at post and get Hi, I want to be able to pass the '=', '+' and '-' characters both from a web form and as part of a url, to enable a better way of searching. However, these characters are choking my IIS webserver and not getting through to the script. Can anyone suggest a better way of achieving this? Cheers George -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
