I think Ill just use the better secured one, thanks!
On Aug 04, 2011, at 10:41 PM, Negin Nickparsa <nickparsa@xxxxxxxxx> wrote:
or if you want to do this risky and none secure thing try this:$query="select * from members where user='"$_POST['user']."'and pass=password('$pas')";well first you must check errors in mysqlthen storing in session
also it is better to use:
$user=mysql_real_escape_string($_POST['user']);then write the query
