标签云

微信群

扫码加入我们

WeChat QR Code


use mysqli_real_escape_string the i stands for improved and should be way more secure. also md5 is not secure enough for todays standards, use sha512 like this $hash = hash('sha512', $password); and every mysql function should be mysqli

2018年07月17日04分02秒

if i $hash = $_POST["password"] an use it in connection then Wrong password Ineed to crypt $_POST cause this code like that can to any one hacking it

2018年07月17日04分02秒

MD5 is NOT secure. That's why we have password-hash

2018年07月17日04分02秒

When I use Password-hash Igot Wrong Password Too :)

2018年07月17日04分02秒

Wrong Password ..

2018年07月17日04分02秒

You mean like that if(md5("passadmin") == $passad) { $sqll = "SELECT * FROM admins WHERE username='$userad' AND password ='$passad'"; }

2018年07月17日04分02秒

As you said when you type username and password you get error ,yes because PHP compares your $passad with hashed value like "8b1a9953c4611296a827abf8c47804d7" so they are not the same

2018年07月18日04分02秒

Yes I understand that .. But how I can Protect my script or login connect ?

2018年07月17日04分02秒

ADS