Is this mySQL code safe form attack?
Posted: Sun Aug 26, 2007 10:00 am
I'm pretty new to php and recently discovered mysql_real_escape and would just like to ask if this code is safe from attack.
Code: Select all
function check_input($value)
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not a number
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value) . "'";
}
return $value;
}
// include database configuration file
include("config.php");
// assign username, password value to variables
$username = $_POST["username"];
$password = $_POST["password"];
// encrypt the password
$encrypted = md5($password);
// connect to the mysql server
$link = mysql_connect($server, $user, $pass) or die ("Could not connect to server");
// select the database
mysql_select_db("database", $link) or die ("Unable to select database!");
$username = check_input($username);
$encrypted = check_input($encrypted);
// match the given password against password in database
$match = mysql_query("SELECT username FROM users WHERE username = $username AND user_password = $encrypted;");
$rows = mysql_num_rows($match);
// if the given username does not exist
if ($rows <= 0) {
echo "You have specified an incorrect or inactive username, or password is incorrect.<br>";
echo "<a href=index.php>Try again</a>";
exit;
}
// if the given username does exist
else {
// register the session
session_register("username");
// close the connection
mysql_close($con);
// redirect to index.php
header('Location: index.php');
}