Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once 'login.php';
- $conn = new mysqli($hn, $un, $pw, $db);
- if ($conn->connect_error) die($conn->connect_error);
- $user = mysql_entities_fix_string($conn, $_POST['user']);
- $pass = mysql_entities_fix_string($conn, $_POST['pass']);
- $query = "SELECT * FROM users WHERE user='$user' AND pass='$pass'";
- //Etc…
- function mysql_entities_fix_string($conn, $string)
- {
- return htmlentities(mysql_fix_string($conn, $string));
- }
- function mysql_fix_string($conn, $string)
- {
- if (get_magic_quotes_gpc()) $string = stripslashes($string);
- return $conn->real_escape_string($string);
- }
- ?>
Add Comment
Please, Sign In to add comment