*solomon kariri **solomonkariri at gmail.com *<skunkworks%40lists.my.co.ke?Subject=Re%3A%20%5BSkunkworks%5D%20What%20is%20this&In-Reply-To=%3Cd27d6dc20910150140i79b45258h49bb0021d4ffa848%40mail.gmail.com%3E> *Actually I dont why Im always the person to get these funny things. I think whatever the case is, you should never display to the end user the results of an sql error as it might expose some information about the structure of the database. As in imagine a message like this [MySQL][Version 1.5] there is an error in your sql. Please check the manual for the correct syntax to use near 'username='whateveruproviede',access_level=3'. I was just wondering. From the response Im sure you can tell what database they are using because the nature of the messages is usually characteristic of certain database management system*. -------------------- Dude, When I get there, I'm sure will exchange some views with you because seems you are talking of exploits in sql. But the basics of any application design ( my world at the moment ) or web design ( future world ): - Forms ; capture, edit and query data - Db : store data Db access needs I think 2 ports open in udp. The exploits are on all DB platforms or just one? -- "always a student @ heart....? "