rwhite35

@mac_gyver, nice catch. I wasn't thinking mysqli! I've had inconsistent results when using a foreach loop to build the bindValue for $stmt objects. Specifically with OS X 10.10. Using the incrementor rather than foreach has solved the issue. Have you come across that situation before? Thanks,

I use a similar algorithm but only with authenticated users (like an admin) and never with public facing pages... NEVER TRUST un-authenticated input. That said, here is how I programmatically create the binder for the placeholders. try { $stmt = $DB->prepare($query); if ($bind!=null) { $cnt = count($bind); if ($cnt>1) { //mulitple binders $t=1; for($i=0;$i<$cnt;$i++) { $stmt->bindParam($t,$bind[$i]); $t++; } } else { //single binder $stmt->bindParam(1,$bind); } } if($stmt->execute()) { while ($row = $stm