Jump to content
php.lv forumi

login


Cinis

Recommended Posts

Kas šai kodā ir nepareizs (jo citreiz viss nostrādā labi, bet dažkār vajag nospiest REFRESH):

if(isset($_POST['username_email']) AND isset($_POST['password'])) {
  $username_email = quote_smart($_POST['username_email']);
  $password = quote_smart(md5($_POST['password']));
          $result = mysql_query("SELECT COUNT(*) FROM users WHERE (username = {$username_email} OR email = {$username_email}) AND password = {$password}");
          if(mysql_result($result,0,'COUNT(*)') > 0)
            {
              session_regenerate_id();
              $_SESSION['login'] = 1;
              $id = mysql_result(mysql_query("SELECT id FROM users WHERE (username = {$username_email} OR email = {$username_email}) AND password = {$password}"),0,'id');
              $_SESSION['my_id'] = $id;
              header("location: {$DEFAULT_LINK}");
            }
}

vai arī šo skriptu var arī kaut kas cits bremzēt, piem. javascript?

 

Link to comment
Share on other sites

Nepareizs, tu saki...

 

if(isset($_POST['username_email']) AND isset($_POST['password']))

->

if(isset($_POST['username_email'], $_POST['password']))

 

deprecated methods, using md5 for password hashes, not using prepared statements for parametrised queries...

 

Kā izpaužās "nenostrādā labi"? Izmet 404/503? Redirekto, bet neielogo?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...