Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*["'][a-z0-9\-_\!\$]+["']‘: require_once('../db_/connection.php');//Holds connection to database $email = mysqli_real_escape_string($con, $_POST['email']);//Sanitizing email $pass = md5($_POST['password']);//Hashing password $sql = "SELECT id FROM users WHERE email='$email' AND password='$pass' LIMIT 1"; $query = mysqli_query($con, $sql); $check = mysqli_num_rows($query); if($check < 1){ echo "fail"; //mysqli_close($con); exit(); } else{ echo "Sucess"; //mysqli_close($con); exit(); } Source: http://pastebin.com/raw.php?i=txpp6Bex
↧