[eluser]JamesTaylor[/eluser]
Thanks guys.
n0xie, the thing i liked about Active Records is that it appears to add a level security automatically by escaping variables / input from forms etc. and as i am still on the learning curve regarding security in programming it means it is one less thing to worry about at the moment!... although i know i will to look into it further when times allow if only to be more aware of things.
CroNiX, is it not be the case that in the vast majority of cases we would want things to be escaped for security?? In what situation would you not want it to be escaped??
I'm guess that if we set the 2nd parameter to FALSE instead then it would escape?
