Any PHP developer that may help me here?
#13

Quote:
Originally Posted by Vince
You only have to sanitize user input, i.e. stuff that is passed through $_GET, $_POST or $_REQUEST. Whatever is already stored in the database ought to be already clean and doesn't have to be cleaned again.

So instead of
PHP code:
$user = $_POST['user'];
you do
PHP code:
$user = filter_input(INPUT_POST, 'user', FILTER_SANITIZE_STRING);
Thanks a lot for letting me know.

Also, I use session variables to be able to use those variables on other pages too. Is there any other better way? I heard that sessions can be hijacked. I don't think that anyone will waste his time to hijack a SAMP UCP session, but still.
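
As an added example (not code from this thread): allow-list validation of the `user` field with PHP's filter extension, rejecting input that does not fit instead of stripping characters from it. The username rule and the function name `validate_username` are assumptions made for illustration; note that `FILTER_SANITIZE_STRING`, used in the quoted post, is deprecated as of PHP 8.1.

```php
<?php
declare(strict_types=1);

// Assumed rule for this example: 3-24 characters, letters, digits, underscore.
const USERNAME_PATTERN = '/\A[A-Za-z0-9_]{3,24}\z/';

/**
 * Validate a raw username (hypothetical helper, requires PHP 8.0+).
 * Returns the name unchanged, or null when it is missing, is not a
 * string, or does not match USERNAME_PATTERN.
 */
function validate_username(mixed $raw): ?string
{
    if (!is_string($raw)) {
        return null; // absent field, or array input such as user[]=x
    }
    $name = filter_var($raw, FILTER_VALIDATE_REGEXP, [
        'options' => ['regexp' => USERNAME_PATTERN],
    ]);
    return $name === false ? null : $name;
}

// In a request handler the raw value would come from:
//   $raw = filter_input(INPUT_POST, 'user', FILTER_UNSAFE_RAW);
// filter_input() returns null when the field is absent and false when
// the filter fails, so both cases end up rejected above.

// Constructed sample inputs, not taken from the thread.
$samples = [
    'Vince_01',
    'ab',
    '<script>alert(1)</script>',
    "bob' OR '1'='1",
    ['x'],
    null,
];

foreach ($samples as $raw) {
    $name = validate_username($raw);
    // Escape at output time whatever the source of the value was.
    $shown = htmlspecialchars(is_string($raw) ? $raw : gettype($raw), ENT_QUOTES, 'UTF-8');
    echo $name === null ? "rejected: $shown\n" : "accepted: $name\n";
}
```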