Hi,

$result = mysql_query("SELECT nickname FROM Profile WHERE nickname = '$nickname'");

  
ich freue mich schon darauf, in das Formular folgenden Nickname einzugeben:  
  
foo'; DELETE FROM nickname; --  
  
Cheatah  

-- 
X-Self-Code: sh:( fo:} ch:~ rl:| br:> n4:& ie:% mo:) va:) de:] zu:) fl:{ ss:) ls:~ js:|  
X-Self-Code-Url: http://emmanuel.dammerer.at/selfcode.html  
X-Will-Answer-Email: No  
X-Please-Search-Archive-First: Absolutely Yes