09-20-2007, 09:53 AM
|
#8 (permalink)
|
|
Moderateur
Join Date: Apr 2007
Posts: 1,393
Thanks: 5
|
Quote:
Originally Posted by Wildhoney
That's quite safe as it is! Just don't forget to strip_tags() ...
|
In this instance (password verification) why would you want to strip tags? I'm pretty sure that if someone entered the following into the password field: <strong>my<br>pass<br>word</strong>, even if "mypassword" was correct you would still want to fail because the supplied password is incorrect:
"<strong>my<br>pass<br>word</strong>" != "mypassword"
Or am I missing something? |
|
|
|