protection 2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks Colin.

Think I will do both. I can timeout the session with PHP.

Does adding mysql_real_escape_string make this secure to injection or should 
I be doing something else?

if ($_POST['submitted']){

$username = mysql_real_escape_string( $_POST['username'] );
$pass = mysql_real_escape_string( $_POST['pass');


$username = md5($username);
$pass = md5($pass);

$query = "SELECT username, pass FROM login where username='$username' AND 
pass ='$pass'"; 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux