I noticed a lot of people gave some good advice, but one thing they forgot
to mention is the AddSlashes command of PHP. It basically does all the
necessary special-character escaping for you, so the worst thing someone
can do by entering bad data in your forms is bring up a page with bad
res
For the most part, everyone's answers are accurate. The interface and
database you design need to be tighter to prevent that.
One topic that no one mentioned is database security. For the user that the
PHP script runs under, start by restricting its access to what it doesn't
need. If they are o