I don't know if the following applies, because I don't know whether the visitors of your website should be able to add content tot the database, but if they don't need to be able to do that, you can always make a Front-end SQL user. Which only allows the necessary, so no INSERT, UPDATE, ALTER, DROP & DELETE privileges. Cheers Joost