LCKB ** OLD LCKB DATABASE ** Website Scripting & Security Website Releases Ep1 Websites v
Safe registration script

Linear Mode
Safe registration script
Wizatek Offline
Posting Freak
*****
Posts: 768
Threads: 40
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: May 2011
Reputation: 0
#9
05-20-2012, 03:08 PM

Replace: (line 66)

( $conf[use_encryption] ? $pass = md5( $_POST[pass1] ) : $pass = $_POST[pass1] )

To:

( $conf[use_encryption] ? $pass = md5( $_POST[pass1] ) : $pass = $_POST[pass1] );

 

And...

This (line 100)

colspan="2">

to

 

Full code:

 

Ok, im busted for not testing it after i wrote it haha

 

 

 

Why you didnt use mysql_real_ESCAPE_string ?
 

I use PDO to communicate with the database and not the mysql_* functions of PHP.

PDO does all the escaping itself making mysql injection completely impossible.

Find


Messages In This Thread
[No subject] - by Wizatek - 05-02-2012, 09:43 PM
[No subject] - by vavan - 05-06-2012, 01:05 PM
[No subject] - by Blackfire - 05-13-2012, 08:19 AM
[No subject] - by Baikim - 05-18-2012, 11:52 AM
[No subject] - by slowz2seecret - 05-20-2012, 11:12 AM
[No subject] - by Blackfire - 05-20-2012, 11:17 AM
[No subject] - by vavan - 05-20-2012, 11:41 AM
[No subject] - by Ascadia-Network - 05-20-2012, 12:32 PM
[No subject] - by Wizatek - 05-20-2012, 03:08 PM
[No subject] - by slowz2seecret - 05-20-2012, 09:17 PM
[No subject] - by Baikim - 05-20-2012, 10:04 PM
[No subject] - by slowz2seecret - 05-20-2012, 10:21 PM
[No subject] - by Spezzato - 08-18-2012, 03:37 PM
[No subject] - by Wizatek - 08-18-2012, 05:33 PM
[No subject] - by LiQuiD - 10-02-2012, 11:05 AM
[No subject] - by halohalo - 10-24-2012, 02:34 AM
[No subject] - by halohalo - 04-04-2013, 02:50 AM
[No subject] - by fantasymerlin - 01-23-2016, 09:26 AM
[No subject] - by Sutz - 01-25-2016, 01:41 AM
[No subject] - by fantasymerlin - 01-25-2016, 07:49 PM
[No subject] - by Sutz - 01-26-2016, 01:15 AM
[No subject] - by fantasymerlin - 01-26-2016, 07:33 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)