Okay... I'm not a malicious hacker... I'm just worried for security and idiot proofing my scripts. Are there any ways that to avoid magic quotes... ie. putting into a form field - "; delete from table; - So that when the field contents are submited it would try to empty out 'table', but it changes " to \", any way to change it?