HI FOLKS!
SQL injection is a big problem...
Suppose you have a query like this
SELECT user FROM users WHERE user='$u' AND passwd='$p'
if $u and $p come from a form and both contain
' OR ''='
the query above mentioned becomes
SELECT user FROM users WHERE user='' OR ''='' AND passwd='' OR ''=''
How php avoid this problem?
CIAO.
Giuseppe.
