regarding all those stripslashes you have, what you can do is have an external file called functions and have a function like this


function secure($value) {

return mysql_real_escape_string(addslashes(trim($value))) ;

}

and for every field you want to escape symbols you just do secure($_POST['something']);

much cleaner :)

__________________
no signature set