Potential leak of data: Simple Password

Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*["'][a-z0-9\-_\!\$]+["']‘: rd']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM users WHERE username='$username' and password='$password'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count == 1) //ERROR APPEARS TO TAKE PLACE HERE { session_start(); $_SESSION['username'] = $username; $_SESSION['password'] = $password; heade Source: http://pastebin.com/raw.php?i=78LSqFub