Ask about general coding issues or problems here.
Moderators: macek, egami, gesf
- php-forum Active User
- Posts: 300
- Joined: Sun Dec 11, 2011 12:51 am
- Location: Shrewsbury, Shropshire
Firstly, I would suggest doing your security cleaning on the post data as you allocate it to variables so that for one you ensure your password is trimmed etc before it is changed to SHA1 and secondly it removes the extra lines of code. Plus stripslashes and strip_tags are not required as mysql_real_escape_string will do everything you need, however trim is essential really.
Secondly session_register is deprecated and therefore should not be used, just assign it to the session as below
Code: Select all
$query=mysql_query("SELECT * FROM adminstrator WHERE username='$username' AND password='$password'");
//mysql counts table rows for approval..
$_SESSION['username'] = $username;
Then make sure you also have session_start() at the top of every page that needs to use sessions
Who is online
Users browsing this forum: Baidu [Spider] and 9 guests