On 07/02/07, Brian Cummiskey <brian at hondaswap.com> wrote: > are there security issues (sql injection specifically) involved with > storing the user agent? Just how far can the user agent be changed? The User Agent string can be anything an attacker wants it to be. -- Lee