in reply to Re: Parsing a boolean search string for SQL query
in thread Parsing a boolean search string for SQL query
I guess it is easy to forget.... For many sites the database is their major asset. Unfortunately, when people put databases online they forget just how potentially exposed they are. I put a short snippet in the original post that dumps a 7000 record DB into the browser (mainly because I had the courtesy to tell braintrack.com about the problem but they did not have the courtesy to reply - they also have not fixed the issue).
As for GET/POST they offer no protection whatsoever. You don't even need LWP, you can just use HTML to do your bidding in many cases.
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
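Added example, not tachyon's code nor the snippet from the original post: the two ways of turning a boolean search string into a SQL WHERE clause that this thread is about, side by side. `run_naive` pastes the user's string straight into the query, so one search term returns every row in the table (the whole-database dump described above); `run_safe` tokenizes the string, honours AND/OR/NOT, and passes every term as a placeholder parameter. The `courses` table, its columns and the three rows are constructed for the example, and the toy grammar (no parentheses, SQL's own AND/OR precedence) is an assumption, not anything from the thread.

```python
"""Boolean search string -> SQL: naive interpolation vs. placeholders.
Runs against an in-memory SQLite database with constructed sample rows."""
import re
import sqlite3

# Constructed sample data (assumed table and columns, not from the thread).
SAMPLE_ROWS = [
    ("Perl for Beginners", "Learn Perl the easy way"),
    ("Advanced SQL", "Joins, indexes and query planning"),
    ("Secure Web Apps", "Validate input, use placeholders"),
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE courses (id INTEGER PRIMARY KEY, title TEXT, descr TEXT)")
    conn.executemany("INSERT INTO courses (title, descr) VALUES (?, ?)", SAMPLE_ROWS)
    return conn


# A token is either a double-quoted phrase or a run of non-whitespace.
TOKEN_RE = re.compile(r'"([^"]*)"|(\S+)')


def tokenize(search):
    """Split 'perl OR "query planning"' into ['perl', 'OR', 'query planning']."""
    return [m.group(1) if m.group(1) is not None else m.group(2)
            for m in TOKEN_RE.finditer(search)]


def build_where(search):
    """Translate a boolean search string into (where_fragment, params).

    AND / OR / NOT are recognised case-insensitively; adjacent bare terms are
    implicitly ANDed; precedence is whatever SQL gives AND and OR. Every term
    becomes a LIKE placeholder, with %, _ and \\ escaped so the user cannot
    smuggle wildcards in either.
    """
    clauses, params = [], []
    op, negate = None, False
    for tok in tokenize(search):
        word = tok.upper()
        if word in ("AND", "OR"):
            op = word
            continue
        if word == "NOT":
            negate = True
            continue
        cond = "(title LIKE ? ESCAPE '\\' OR descr LIKE ? ESCAPE '\\')"
        if negate:
            cond = "NOT " + cond
        if clauses:
            clauses.append(op or "AND")   # implicit AND between bare terms
        clauses.append(cond)
        pattern = "%" + re.sub(r"([\\%_])", r"\\\1", tok) + "%"
        params.extend([pattern, pattern])
        op, negate = None, False
    if not clauses:
        return "1", []                    # empty search matches everything
    return " ".join(clauses), params


def run_safe(conn, search):
    """Parameterized query: the search string only ever reaches SQL as data."""
    where, params = build_where(search)
    sql = f"SELECT title FROM courses WHERE {where} ORDER BY title"
    return [row[0] for row in conn.execute(sql, params)]


def run_naive(conn, search):
    """The exposed version: user input is interpolated into the SQL text.
    Deliberately vulnerable to show what the thread is warning about."""
    sql = f"SELECT title FROM courses WHERE title LIKE '%{search}%' ORDER BY title"
    return [row[0] for row in conn.execute(sql)]


def demo():
    """Run both versions on a dump payload and on two legitimate searches."""
    conn = make_db()
    payload = "%' OR 1=1 --"             # closes the quote, comments out the rest
    return {
        "naive_dump": run_naive(conn, payload),
        "safe_dump": run_safe(conn, payload),
        "safe_or": run_safe(conn, 'perl OR "query planning"'),
        "safe_not": run_safe(conn, "secure AND NOT sql"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:11s} -> {rows}")
```

Whether the search string arrives by GET or POST changes nothing here: `run_naive` dumps the table for any request that carries the payload, and `run_safe` returns no rows for it because `%' OR 1=1 --` is matched as literal text rather than executed as SQL.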