09-20-2007, 06:01 AM
|
#5 (permalink)
|
|
The Prestige
Join Date: Sep 2007
Location: Sweden, Stockholm
Posts: 1,053
Thanks: 115
|
PHP Code:
$pass = mysql_escape_string($_POST['pass']);
$sql = printf("SELECT `pass` FROM `users` WHERE `pass` = %s", $pass);
$query = mysql_query($sql);
That would be pretty foolproof?
Anything else that I can add to make it safer? |
|
|
|