>This is for SELECT statements. But I'm talking about INSERT/UPDATE. Nobody prevents you from typing
>
>
<script> malicios script </script>
in the fields.
Just remove [>] and [<] from the typed string :o)
Against Stupidity the Gods themselves Contend in Vain - Johann Christoph Friedrich von Schiller
The only thing normal about database guys is their tables.