mrMarcus Posted December 18, 2012 Share Posted December 18, 2012 (edited) Don't use trim(). Just do this: $md5password = md5($_POST['resetpassword']); EDIT: and remove the following: $_POST = mysql_real_escape_array($_POST); $_POST = trim_array($_POST); You should never trim() or escape a value that is a password. Since mysql_real_escape_array() is not a built-in PHP function, I'm assuming you have created it to map 'mysql_real_escape_string' to the $_POST array, correct? Don't do that. If a user enters a single and/or double quote in their password (their right to do so), mysql_real_escape_string() will escape it and change the hash. Even though you can simply apply this same methodology to future login/registration/password reset applications, it serves no purpose and should be omitted. Edited December 18, 2012 by mrMarcus Quote Link to comment https://forums.phpfreaks.com/topic/272027-click-image-insert-into-database/page/3/#findComment-1400202 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.