Using PHP/MySQL for an admin login form.
It is session-based, checking username / password against an admin table. Apparently, it is open to SQL injection, but I have no idea why. I was under the impression that either mysql_real_escape_string() or addslashes() would prevent injections to a login form. Apparently I am wrong.
Can anyone provide me with examples of how an injection could occur using the following sample query:
$sql = "SELECT * FROM members WHERE Email='$email' AND Password='$pass' AND Validated='1' AND Status='1'";
$result = @mysql_query($sql);
Any tips on preventing this? Thankfully, this is a pretty innocuous site, not a lot of damage can be done, but I want to ensure that I have a solid grasp on what is occurring and how to prevent it.
Thanks!
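A hardened form of the login check above, as an added example that is not part of the original post: the query text is fixed and the email is bound as a parameter, so a quote in the input is handled as data rather than as SQL. It assumes PDO, uses an in-memory SQLite database as an offline stand-in for the MySQL server, assumes the Password column stores a password_hash() value, and uses a hypothetical helper name, check_login().

```php
<?php
// Added example: sqlite::memory: stands in for the MySQL server so this runs offline.
// With a real server, use a DSN such as 'mysql:host=...;dbname=...;charset=utf8mb4'.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample table mirroring the columns named in the query above.
$pdo->exec("CREATE TABLE members (Email TEXT, Password TEXT, Validated TEXT, Status TEXT)");
$ins = $pdo->prepare("INSERT INTO members (Email, Password, Validated, Status) VALUES (?, ?, '1', '1')");
// Assumption: Password holds a password_hash() value, not the plaintext password.
$ins->execute(["o'brien@example.com", password_hash('correct horse', PASSWORD_DEFAULT)]);

/**
 * Hypothetical helper: returns true only for a validated, active member
 * whose stored hash matches the supplied password.
 */
function check_login(PDO $pdo, string $email, string $pass): bool
{
    // The SQL text never changes; user input travels separately as a bound value.
    $stmt = $pdo->prepare(
        "SELECT Password FROM members
         WHERE Email = :email AND Validated = '1' AND Status = '1'"
    );
    $stmt->execute([':email' => $email]);

    $hash = $stmt->fetchColumn();   // false when no row matched
    if ($hash === false) {
        return false;
    }
    // The password is never placed in the query; it is compared against the hash in PHP.
    return password_verify($pass, $hash);
}

// Constructed inputs: both contain a single quote, which stays ordinary data.
var_dump(check_login($pdo, "o'brien@example.com", 'correct horse'));
var_dump(check_login($pdo, "o'brien@example.com", "wrong' pass"));
var_dump(check_login($pdo, "nobody'@example.com", 'correct horse'));
```

No escaping function is called anywhere, because the input is never concatenated into the statement.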