Pag, man pašam arī būtu jāapgūst security... :D Kā būtu šis kods jāpārveido?
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
// some code.
$sql = "INSERT INTO `members` (`username`, `password`, `email`) VALUES ('$username', '$password', '$email')";
mysql_query($sql) or die('<strong>' . mysql_errno() . '</strong>: ' . mysql_error());
Kā šādi?
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
// some code.
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$email = mysql_real_escape_string($email);
$sql = "INSERT INTO `members` (`username`, `password`, `email`) VALUES ('$username', '$password', '$email')";
mysql_query($sql) or die('<strong>' . mysql_errno() . '</strong>: ' . mysql_error());