Posted by Dikkie Dik on 12/15/05 21:25
Just one thing. Look at what happens if the user types his email as:
' OR 1=1 LIMIT 1;-- haha@haha.com
I hope you use some addslashes function before passing it to the database.
....
> And my class that handles the queries look like that:
>
> $result = mysql_query("SELECT * FROM cms_users WHERE cms_user_email =
> '".$email."' AND cms_user_passwd = '".$password."'") or die(mysql_error());
> $num_rows = mysql_num_rows($result);
> ...
> if($num_rows == 1)
> return true;
> else
> {
> $log=new log();
> $log->Log('Message','Invalid Login, please make sure you
> enter your Email and Password.<br>If you forgot your
> password, enter your email and hit the forgot password button.');
> }
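To make the point concrete: the login check below is an added example, not code from this thread, written in Python against an in-memory SQLite table that stands in for the quoted PHP/MySQL `cms_users` query. The table contents and the `login_*` function names are constructed for the demonstration. `login_concatenated` mirrors the quoted query (user input pasted into the SQL text), while `login_parameterized` binds the values as parameters, which is the fix a practitioner would use in place of escaping with `addslashes`.

```python
import sqlite3

# Constructed stand-in for the cms_users table; the rows are sample data.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cms_users (cms_user_email TEXT, cms_user_passwd TEXT)")
    conn.executemany(
        "INSERT INTO cms_users VALUES (?, ?)",
        [("alice@example.com", "s3cret"), ("bob@example.com", "hunter2")],
    )
    conn.commit()
    return conn

def login_concatenated(conn, email, password):
    # Same shape as the quoted PHP: the SQL string is built by concatenation,
    # so a quote in the email changes the structure of the query.
    sql = ("SELECT * FROM cms_users WHERE cms_user_email = '" + email
           + "' AND cms_user_passwd = '" + password + "'")
    rows = conn.execute(sql).fetchall()
    return len(rows) == 1

def login_parameterized(conn, email, password):
    # Placeholders: the driver sends the values separately from the SQL text,
    # so whatever the user types is compared as data, never parsed as SQL.
    sql = "SELECT * FROM cms_users WHERE cms_user_email = ? AND cms_user_passwd = ?"
    rows = conn.execute(sql, (email, password)).fetchall()
    return len(rows) == 1

# The input from the post above, typed into the email field.
PAYLOAD = "' OR 1=1 LIMIT 1;-- haha@haha.com"

if __name__ == "__main__":
    db = make_db()
    print("concatenated, payload:", login_concatenated(db, PAYLOAD, "anything"))
    print("parameterized, payload:", login_parameterized(db, PAYLOAD, "anything"))
    print("parameterized, real user:", login_parameterized(db, "alice@example.com", "s3cret"))
```

With the concatenated version the password is never checked: the `' OR 1=1 LIMIT 1;` part turns the WHERE clause into "any row" and `-- ` comments out the rest, so `$num_rows == 1` holds and the login succeeds. The parameterized version returns no row for the same input and still accepts a correct email/password pair.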