phpSensei Posted August 6, 2007 Share Posted August 6, 2007 K I have posted this before, and I already validated the input before the mysql_real_escape_string.. Just Want to know if there is anything else I can add to my script to make this login more secure. <?php $dbhost="localhost"; $dbuser="root"; $dbpass=""; $dbname="dbase"; $connect=mysql_connect($dbhost,$dbuser,$dbpass) or die("Error: " . mysql_error()); $db=mysql_select_db($dbname); $username=mysql_real_escape_string($_POST['username']); $password=mysql_real_escape_string($_POST['password']);> $query_bad = "SELECT * FROM member WHERE username = '$username' and password ='$password'"; echo "Escaped Bad Injection: <br />" . $query_bad . "<br />"; Link to comment https://forums.phpfreaks.com/topic/63565-user-login-security/ Share on other sites More sharing options...
Daniel0 Posted August 6, 2007 Share Posted August 6, 2007 You should do fine with mysql_real_escape_string(). Link to comment https://forums.phpfreaks.com/topic/63565-user-login-security/#findComment-316765 Share on other sites More sharing options...
phpSensei Posted August 6, 2007 Author Share Posted August 6, 2007 THANKYOU, lol I am so glad now. Link to comment https://forums.phpfreaks.com/topic/63565-user-login-security/#findComment-316769 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.