View Single Post
  #5  
Old 27th April 2011, 17:48
ncoc.nl ncoc.nl is offline
Member
 
Join Date: Feb 2011
Posts: 36
Thanks: 3
Thanked 17 Times in 11 Posts
Default

Ben,

In basic if not logged on there is no possibilty to run one of the other scripts, validation is done at the beginning of every script:

session_start();
if(!session_is_registered(User)){
header("location:login.php");
}

then the MySQL injection is checked:

$User = stripslashes($User);
$Password = stripslashes($Password);
$User = mysql_real_escape_string($User);
$Password = mysql_real_escape_string($Password);

and the password is encrypted:

$encrypted_Password=md5($Password);

at last the session is registered:

session_register("User");
session_register("Password");

Did I miss something or better, is there something that can make the script better?
Please advise!

Regards,
Ronald
Reply With Quote