Thread: How to retrieve data from SQL to PHP?
View Single Post
  #5 (permalink)  
Old 06-28-2007, 01:51 AM
TeraTask's Avatar
TeraTask TeraTask is offline
PT Admin
Awards Showcase
Quality Tutorial Quality Tutorial Quality Tutorial 
Total Awards: 3
Join Date: Jun 2007
Location: Reno, NV
Posts: 442
iTrader: (0)
TeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to behold
The username field should be either unique or the primary key. That will enforce integrity rules on a system. Generally speaking the whole point of a username is to have a unique identifier.

ccoonen: You should check out my article on MySQL injection protection at TUTORIAL: MySQL Injection Attack Prevention in PHP . You're using mysql_real_escape_string which has a few limitations (noted on the php.net site too).

__________________
Jeremy Miller
Content Farmer - Optimized Automated Blog Posting
Digg this Post! Del.Icio.Us this Post! Technorati this Post! Furl this Post! Mister Wong this Post! Newsvine this Post! Spurl this Post! Reddit this Post! Netscape this Post!
Reply With Quote
The Following User Says Thank You to TeraTask For This Useful Post:
ccoonen (06-28-2007)