Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[help] Improve login script
#2
It's generally bad practice to use static properties/methods due to their globalised scope. Also, it would be better if you opted to eschew the original MySQL functions, due to their outdated nature (and they're currently in deprecation). Try MySQLi or PDO since you're using the object-oriented paradigm.

I'd also like to see the sanitise.php file as well, because I'm curious how you're protecting yourself form both XSS and SQLi attacks with that one function. I assume you're using functions like htmlspecialchars() or htmlentities() to prevent XSS attacks; however these escaping functions should only be invoked upon outputting data from the database (not when inputting data). Information inside the database should be kept intact until you're manipulating it as a general rule of thumb.
Reply


Messages In This Thread
[help] Improve login script - by Montana" - 11-21-2012, 09:19 AM
RE: [help] Improve login script - by Haxalot - 03-18-2013, 12:59 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Don't need to login Strafeness 5 1,901 01-21-2012, 08:28 AM
Last Post: AceInfinity
  Creating a simple PHP/MySQL login script ndee 16 9,977 05-14-2011, 02:18 AM
Last Post: モrainee
  Simple secure login script. Frank Yates 2 1,603 03-08-2011, 10:11 AM
Last Post: lil-wayneee
  Members Area (login) Script? Danny 6 2,985 12-12-2010, 07:19 PM
Last Post: Saint Michael
  php form script with upload script help andrewjs18 4 3,158 10-07-2010, 11:46 AM
Last Post: JMK940

Forum Jump:


Users browsing this thread: 1 Guest(s)