is this the proper use of mysql_real_escape_string() to prevent sql injections?
Posted on
16th Feb 2014 07:03 pm by
admin
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any help greatly appreciated. thanks. derek
Code: <?php
include("connect1.php");
Did you know?Explore Trending and Topic pages for more stories like this.
session_start(); // this is the session declaration , one per page.
$u = trim($_POST['username']);
$p = trim($_POST['password']);
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
//session_destroy(); //commented out gets rid of the having to login twice.
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty!"; // COOL
}
// escape username and password for use in SQL
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if($u && $p){
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query); //creates array called result,//notice we dont need a while loop here.
if($result['username']){
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php");
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
No comments posted yet
Your Answer:
Login to answer
259
53
Other forums
Trouble checking SESSION cookie
I am trying to use $_SESSION cookies to verify admin privileges .
I don't understand why this is
close site for maintenance
i get a tutorial, saying the following code can put our site offline, and only the developer can vie
A href problem under php
Hello...
I tried to explain the issue in an earlier post.. but was not clear enough....
Can't get the unicode character
I'm trying to get some text from various parts of a file. I have converted the file to hex (bin2hex)
Creating a db with a query
Hello everyone.
I'm having troubles creating a db with a query.
I'm reading a book called PHP
Socket Server Response Headers
Earlier I had a post about my Socket Server, I wasn't able to get it to connect, now I can
I
The repetition structure: the while statement not working
New programming student, have assignment as follows:
A restaurant has 4 lunch combos for custom
PHP Display Telephone Number On Referrer
I have used the php below to show a different telephone number in the header of the site depending u
File upload issues
Hi Guys,
Can anyone see any issues with this code:
Code: $setImage= 'productimages/' . dat
Target costs on Process orders not calculating
Hi All,
We have released standard costs for all the materials. We have also done Goods r