i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
How to generate a random array of integers subject to a certain constraint
I am writing a program that asks the user to enter an integer N and then generates a random array of integers of size 2^N, each of whose entries range from 1 to N+1. The final random array, however,
HTML form problem
Ive made a form to that i want to send to my email via PHP. but when it send only the name's etc send and then the table belpw only Job location sends and the other columns do not send. is this a html
CHMOD script
Hi,I need a script to read all files in a folder and set to 777.Can anyone help out please?
Help Import Animoto and Youtube
CAn someone help me urgently want to allow users on my website to import youtube/revver/dailymotion and very important animoto videos into the site.This feature will come in the upload window.Can this
Read from forum
Haven't written anything forever and I would like to get back.What I'm trying to do is getting the data from all the threads in a sub forum.Can someone roughly point out which functions I'll need for
type check while uploading
Hi Everyone,How can I check the exact type of a file while uploading on my site?Here is the scenario:I have allowed only .jpg, .gif, .png files to be uploaded on my site. Suppose an user renames his
Problem with PHP code- simple contact form
Hi Folks, I'm relativily new to PHP; I know HTML and CSS stuff but I have a problem- I have a contact form with PHP code in it- grabbed it from the sitemaster website. Unfortunately my form isn't
Shuffle Array
Hi,I am writing a script for a game that needs players to randomly be assigned a target (another player) in a loop so that each player is matched with someone other than who has them. See below:Andy
user administration
Dear @all,
Contents of variable not echoing
Hey guys, hopefully this is an easy one...In this line, the variables are not echoing out. The script runs without error though.Code: [Select]echo "Name: $name | E-mail: $email | Comments:
