Add info about addslashes()

diff --git a/lang/en/docs/coding.html b/lang/en/docs/coding.html
index faad02f9d85640a35631eafeba037f4f18fe7a30..3b44a53dca01fd0c5ca60899f505dd0384ec45c1 100755 (executable)
--- a/lang/en/docs/coding.html
+++ b/lang/en/docs/coding.html
@@ -38,6 +38,10 @@
     the &quot;lang/en&quot; files and call them using get_string() or print_string().</li>
   <li class="spaced">All help files should be translatable - create new texts 
     in the &quot;en/help&quot; directory and call them using helpbutton().</li>
+  <li class="spaced">Incoming data from the browser (sent via GET or POST) automatically
+    has magic_quotes applied (regardless of the PHP settings) so that you can safely
+    insert it straight into the database.  All other raw data (from files, or from databases)
+    must be escaped with <font color="#339900">addslashes()</font> before inserting it into the database.</li>
 </ol>
 <p>&nbsp;</p>
 <h2>Coding Style</h2>