Smo is right. If you haven't protected against SQL injection you're in trouble. Also I would look at saving the password in the database as a hash. Here is an example using MySQL's built-in function:
mysql> SELECT PASSWORD('mypass');
+--------------------+
| PASSWORD('mypass') |
+--------------------+
| 6f8c114b58f2ce9e   |
+--------------------+
I don't see a link to your site though so it's hard to make more suggestions.