scarhand Posted July 3, 2007

Hi, I am currently in the process of learning about mysql_real_escape_string, stripslashes, addslashes, and other measures in order to protect my scripts from SQL injections. I was doing a tutorial and was wondering about the vulnerability (still a bit confusing to me, but I will pick it up soon), and I used and partially modified a function for use in a script I'm working on. I would like to know if this function is safe from SQL injections:

```php
function confirmUser($username, $password) {
    global $db;

    /* Add slashes if necessary (for query) */
    if(!get_magic_quotes_gpc()) {
        $username = addslashes($username);
    }

    /* Verify that user is in database */
    $q = "select password from admin_users where username = '$username'";
    $result = mysql_query($q, $db);
    if(!$result || (mysql_numrows($result) < 1)) {
        return 1; // Indicates username failure
    }

    /* Retrieve password from result, strip slashes */
    $dbarray = mysql_fetch_array($result);
    $dbarray['password'] = stripslashes($dbarray['password']);
    $password = stripslashes($password);

    /* Validate that password is correct */
    if($password == $dbarray['password']) {
        return 0; // Success! Username and password confirmed
    } else {
        return 2; // Indicates password failure
    }
}
```

Thank you.
trq Posted July 3, 2007

You don't need to use stripslashes on data being retrieved from the database. Also, I'd recommend using mysql_real_escape_string over addslashes.
per1os Posted July 3, 2007

`if(!$result || (mysql_numrows($result) < 1))`

Error there: it should be mysql_num_rows. And for security I would suggest storing the user's password as an MD5 hash in the database.
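For comparison, here is confirmUser() written the way the two replies above point towards, as an added example that is not code from the thread: a PDO prepared statement replaces addslashes/mysql_real_escape_string entirely, and PHP's password_hash()/password_verify() stand in for the suggested MD5 (a salted, slow hash rather than a fast unsalted one). It assumes a PDO connection and an admin_users table with a password_hash column; the SQLite schema and sample row at the bottom are constructed for the demo.

```php
<?php
// Added example (not from the thread): confirmUser() rewritten with PDO
// prepared statements and password_hash()/password_verify().
// Assumes $db is a PDO connection and admin_users has a password_hash
// column that stores password_hash() output (constructed schema).

function confirmUser(PDO $db, string $username, string $password): int
{
    // The SQL text and the parameter travel to the driver separately, so no
    // escaping (addslashes / mysql_real_escape_string) is needed: a quote in
    // $username cannot end the string literal or change the query.
    $stmt = $db->prepare(
        'SELECT password_hash FROM admin_users WHERE username = :username'
    );
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false) {
        return 1; // username failure (same return codes as the thread's function)
    }

    // password_verify() compares in constant time against a salted, slow hash;
    // an MD5 of the raw password is fast to crack offline and is identical for
    // every user who chose the same password.
    if (password_verify($password, $row['password_hash'])) {
        return 0; // success
    }
    return 2; // password failure
}

// Demo on an in-memory SQLite database (constructed sample data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admin_users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO admin_users VALUES (:u, :h)');
// Store the hash at account creation, never the plaintext password.
$ins->execute([':u' => 'alice', ':h' => password_hash('correct horse', PASSWORD_DEFAULT)]);

var_dump(confirmUser($db, 'alice', 'correct horse')); // valid login
var_dump(confirmUser($db, 'alice', 'wrong'));         // wrong password
var_dump(confirmUser($db, "o'brien", 'x'));           // unknown user whose name contains a quote

// Caveat: returning distinct codes 1 and 2 lets a caller learn which usernames
// exist; show the end user a single generic "login failed" message.
```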
scarhand Posted July 3, 2007 (Author)

OK, so I only need to worry about protecting information being inserted into the database then... Thanks guys, solved.