I am creating login page with validation.
i have index.php page with login box, for validating this login detail i m redirecting to login_validate.php.
Login_validate.php file code:
$dbtable = "users";
$username = $_POST['usr_name'];
$password = $_POST['usr_pass'];
$result = mysql_query("SELECT * FROM $dbtable where user_name = '".$username."' and password = '".$password."'");
$resultvalue = mysql_num_rows($result);
echo "****************** Alertbox [error msg]**************";
now what i want to do is i want to display alert box if the user detail is not true,
Can some one help me how to display alert box in that echo field please, i tried java script but, error in that.
P.s. you better change this ($username = $_POST[‘usr_name’];) to
$username = strip_tags(mysql_real_escape_string($_POST['usr_name']));
It’s much saver for your database!
thanks for your knid help,
Can you tell me the actual difference for this code please, since i dont know about that so far,
($username = $_POST[‘usr_name’];) to
$username = strip_tags(mysql_real_escape_string($_POST[‘usr_name’]));
Thanks in advance,
These are functions from php.
I always use the manual wich you can download from there site.
These are 2 functions to clean up the mess wich a bad user can insert into your database and hack you.
Try google on mysql_real_escape_string and strip_tags.
Watch your security, it’s very important!
Maybe it helps if you read about sql injection and that kind of stuff.
Thank you for your kind information, this will be useful message for me about the sql injection. if possible can you tell me some sites where i can get this details similar to this since i m creating a dynamic website, Security is more important for me in my site.
Again thank you so much,
Hmm, we have a magic word for it: Google!
Just type in: sql injection php and you find a lot of information about it.
I have an pdf who explains it but it’s in dutch, so i think you can’t read it… 🙂
Maybe you recognize the code’s but that’s not enough i think.
But as far as i know there are more of these pdf’s arround the internet.
Try to look arround, if you are not shure if it’s save you always can ask it here.
Some people helped me to a while ago, so now i help you and other people!
You can also read about SQL Injection in the manual.
PHP: SQL Injection – Manual