That code should have been:
$id = some_escape_string_function( intval( "0; drop bar" ) );
if( $id > 0 )
{
    lamesql_query( "select foo from bar where id = '$id'" );
}
else
{
    // Error?
}

Just wanted to be precise in what I was trying to convey.
-- mjh
