Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*["'][a-z0-9\-_\!\$]+["']‘: word=$_POST['pwd']; $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql = "SELECT * FROM $tbl_name WHERE username='$username' and password='$password'"; $result = mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $username and $password, table row must be 1 row if($count==1){ echo '1'; session_start(); […]
↧