> Is there anything else that should be done? see http://www.webcohort.com/Blindfolded_SQL_Injection.pdf (note: PDF) for other articles, search for "sql injection" in your favourite search engine rudy