Detected 1 occurrence(s) of ‘\s*pass[word]+\s*[:=]\s*[“‘][a-z0-9\-_\!\$]+[“‘]': an admin and that their password session var equals the database information // Connect to the MySQL database include "../storescripts/connect_to_mysql.php"; $sql = mysql_query("SELECT * FROM affiliate WHERE id='$memberID' AND username='$member' AND password='$password' LIMIT 1"); // query the person // ------- MAKE SURE PERSON EXISTS IN DATABASE --------- $existCount = mysql_num_rows($sql); […]
↧