luke2012 Posted May 13, 2012 Share Posted May 13, 2012 Hi, Please forgive my ignorance in advance I was wondering whether this script by about.com http://php.about.com/od/finishedphp1/ss/php_login_code.htm was a secure script (i.e. from SQL injections etc.), just wondering if I've missed anything obvious, Huge thanks in advance, Luke Quote Link to comment Share on other sites More sharing options...
chris-s Posted May 18, 2012 Share Posted May 18, 2012 It's definitely dated. Uses the old mysql drivers... looks to depend on addslashes() for security. Looks like it can take a cookie value for the username, passing it to a query without sanitization. I say no. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.