how to protect POST function
This question already has an answer here:
you should use md5() on your password value and not the mysql_real_escape_string() return value.
so first correct this:
passad = mysql_real_escape_string(md5($_POST["password"]));
由于你的passad变量被散列,我想你必须比较这样的散列变量
if(md5("passadmin") == $passad)
链接地址: http://www.djcxy.com/p/3728.html
上一篇: 我应该如何为CodeIgniter选择一个认证库?
下一篇: 如何保护POST功能