> > Was wondering if someone could have a look at: > > > > http://deltatraffic.co.uk/yell-ad/ad.gif > > And? Tip? When guarding against SQL injection attacks, disregard any SQL statement that does not conform to the pattern that you expect, rather than changing the data to fit the pattern. Eg. If you are not allowing SQL comments, (--) abort rather than merely removing the comment and continuing. Regards Chris Marsh "Cthulhu for President. Why vote for a lesser evil?" --Cthulhu.org