I fully agree. So let's test and test ans test again the user administration page I've rewritten to fit xhtml standards. An other possible security issue may be the improved copy/move table feature that were added the option to work with other db than the current one. I'm not sure the access rights to the target db are checked before the query is executed. Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif