Daniel Brown wrote:
On Tue, Jan 18, 2011 at 12:49, Donovan Brooke wrote:
Hello,
I warned the list that I may have questions! ;-)
...building a simple cookie-based log-in system, and have
narrowed an error to this below: (sorry for email line breaks, if any)
---Start---
if ($_post['f_action']
Simon J Welsh wrote:
[snip]
---Start---
$query = "SELECT u_id FROM cms_users WHERE u_name = $_post['f_user'] AND u_pass
= $_post['f_pass']";
Array indices either need to be accessed without quotes for the key, or by
enclosing the variable in curly braces.
---
Simon Welsh
Admin of http://s
On 19/01/2011, at 6:49 AM, Donovan Brooke wrote:
> Hello,
>
> I warned the list that I may have questions! ;-)
>
> ...building a simple cookie-based log-in system, and have
> narrowed an error to this below: (sorry for email line breaks, if any)
>
> ---Start---
>$query = "SELECT u_id FROM c
On 18 January 2011 17:49, Donovan Brooke wrote:
> $query = "SELECT u_id FROM cms_users WHERE u_name = $_post['f_user'] AND
> u_pass = $_post['f_pass']";
Make sure you clean the inputs before using them.
If the username entered was ...
'' OR 1 --
you may have problems with security.
--
Ri
On Tue, Jan 18, 2011 at 12:49, Donovan Brooke wrote:
> Hello,
>
> I warned the list that I may have questions! ;-)
>
> ...building a simple cookie-based log-in system, and have
> narrowed an error to this below: (sorry for email line breaks, if any)
>
> ---Start---
> if ($_post['f_action']=='login
Hello,
I warned the list that I may have questions! ;-)
...building a simple cookie-based log-in system, and have
narrowed an error to this below: (sorry for email line breaks, if any)
---Start---
if ($_post['f_action']=='login') {
// connect to database (custom function)
$r = dbconnect();
6 matches
Mail list logo
