Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*["'][a-z0-9\-_\!\$]+["']‘: s $password_login = preg_replace('#[^A-Za-z0-9]#i', '', $_POST["password_login"]); //filter everything but numbers and letters $password_login_md5 = md5($password_login); $sql = mysql_query("SELECT id FROM users WHERE username='$user_login' AND password='$password_login_md5' LIMIT 1"); //query the database //check for their existance $userCount = mysql_num_rows($sql); //Count the number of rows returned if ($userCount == 1) { while ($row […]
↧