Thanks,

bitbucket, that is the way I had it coded before, but that seems to be an easy target for SQL injection?

what do you reckon?

Thanks again