is this the proper use of mysql_real_escape_string() to prevent sql injections?
Posted on
16th Feb 2014 07:03 pm by
admin
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
Did you know?Explore Trending and Topic pages for more stories like this.
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
No comments posted yet
Your Answer:
Login to answer
259 
53 
Other forums
Trigger tag in aspx is not coming
hi all ,iam new to ajax, iam using file upload inside the update pannel but right now i want to use
how to validate date using javascript
I need to validate date in textbox using javascript..
The date is must be not greater than TODAY
PHP SUBMIT
Code: <input name="doLogin" type="image" src="images/loginsubmit.jpg
How To Make More Than One Redirection with PHP on the same page?
Hey im trying to do a direction page where it open differently link direction pages every time som
Issues: PHP Forms -Clearing
I've tried looking online before actually asking for help, but I've been looking for about the past
Multi-user card game
I'm writing a batch of games and such. Lottery is finished, Poker,blackjack,etc are next. They will
How to add functionality to a simple php calender?
Hello everyone,
I have just finished creating a simple php calander. Can someone point
SESSION CHECK WORKS "MOST" of the time... whats going on?
i have a sign in check thats included in every page that is a members only page which is basically a
PHP/Database issue
My friend is helping me make a database where you go to a certain webpage of my site and the page wi
Varible in trigger - refering to correct schema
Hello
Im having some issues with my trigger.
What I want to do is call opon a differ
