Re: [PHP] Dynamic DB query - form display

2005-11-18 Thread David Grant
Hi Adrian,

You can still use the text input, but you must ensure that the input is filtered first. There is a wealth of information on SQL injection and its prevention on the Internet. Try these for starters:

http://shiflett.org/articles/security-corner-apr2004
http://dev.mysql.com/tech-resourc

Re: [PHP] Dynamic DB query - form display

2005-11-18 Thread Adrian Bruce
I'm aware it would be a security hole if it were available to all users, but it's just for me at the mo, other users get a watered down version with just check boxes. I basically want to allow flexible filtering of a set of data but obviously this poses a few challenges, any ideas always wec

Re: [PHP] Dynamic DB query - form display

2005-11-18 Thread David Grant
Hi Adrian,

This appears to be a security hole, but since that wasn't the reason for the question, please try:

echo"";

php.net/htmlentities

Cheers,

David Grant

Adrian Bruce wrote:
> Hi
>
> I am trying Dynamically creating a Query based on form input for an
> intranet, I have a text input that