i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
a very simple php header question (sorry!)
Firstly...I do apologise if this annoys anyone....a header errorI'm do not know php & have tried removing all "white space" but I cant seem to stop the error displaying.Its a very
bit of help needed
Im about to sort out my registration page for my website by customising a "registration" script I came across. It has about all that I need, apart from the changes that i need to make to it
Material xxx does not exist in plant xxx
Dear All,
Help me with some material on Open Text Overview.
Hi Experts,
Mail Form receiving emails with no content
Hi, I hope someone here can help me.I have a simple form in my website, it was working OK, after lots of trouble finding out how to make this form I managed to make it work.I had to create an
How to kill asynchronous postback / current postback?
Hi,here is my problem:I have a web site with many pages of which some may take time to process results. If a user wants to go to another page (by clicking on the top menu) the browser locks up till
Can you help please? Php file
I have to write this php file to allow users to register their nicknames on nickservFor an IRC server, however it worked fine for a couple of years, I then upgraded from Php4 to Php5 and suddenly
PHP - MySQL Fail
My PHP code will only execute the first part of my code... Code: <?php session_start(); ?> <html> <head> <title> Create a
moving mouse to display image coordinates
I have an existing MFC application that shows an image in the main window.I'd like to be able to move the mouse within that image & display the correct image coordinates to the user.How difficult
mr8m - reverse document
Friends,
