On 18 January 2011 17:49, Donovan Brooke <lists@xxxxxxx> wrote: > Â Â$query = "SELECT u_id FROM cms_users WHERE u_name = $_post['f_user'] AND > u_pass = $_post['f_pass']"; Make sure you clean the inputs before using them. If the username entered was ... '' OR 1 -- you may have problems with security. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
