is this the proper use of mysql_real_escape_string() to prevent sql injections?


Posted on 16th Feb 2014 07:03 pm by admin

i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek

Code: <?php
include("connect1.php");
Did you know?Explore Trending and Topic pages for more stories like this.

session_start(); // this is the session declaration , one per page.

$u = trim($_POST['username']);
$p = trim($_POST['password']);

$logoff = $_GET['logoff'];
$hack = $_GET['hack'];





if($logoff){


unset($_SESSION['userid']);

//session_destroy(); //commented out gets rid of the having to login twice.

$message = "You have been logged off";




}


if($hack){

$message = "Naughty Naughty!"; // COOL

}


// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);


// if fields username and password have contents, then...
if($u && $p){

$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");

$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.

if($result['username']){

$message = "You have been logged in";

$_SESSION['userid'] = $result['username'];

header("Location:old.mainsite.php");
exit;


}else{

$message = "You do not exist on the system";

}



}
?>
Trending TodaySee what people are reading
No comments posted yet

Your Answer:

Login to answer
259 Like 53 Dislike
Previous forums Next forums
Other forums

Shopping Cart
Can anyone direct me to a Simple, Basic structure of a shopping cart.
New to classes. I want to s

IP Based Cron Jobs
I run cronjobs on my website. After one of my visitors got curious and tinkered around he realized h

Calender Not Opening
The following code is not loading the javascript calender in another window. It's not doing anything

Working with Global Variables
hi, I'm not really sure why the following code is returning a "Call to a member function getBan

Help =( !! Upload Pics [PHP script]
Hello
I need help with a php script [MULTIPLE UPLOAD IMAGES] , where I want to add a feature (wat

Certain files upload, while others do not
I want to read the data from an uploaded file. Not sure why, but it only uploads for certain files.

Calling strings from other php class
I have test1.php{
$string1;
$string2;
....
... //10 strings in this class <

Display a default image
I am trying to display generic image for items that don't have one, but I can't get it to display.

Create multiple (n) arrays
Hi there,

I have the following need:

I have 2 arrays (coming from a databases)

Accessing element of object array
Hello

My object looks like this:


Array ( [0] => User Object ( [id] =>

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash