使用mysqli_real_escape_string,用户名和密码是否仍然安全?

时间:2014-08-09 09:51:22

标签: php mysql

我使用此代码在mysql数据库中注册数据,我的问题是我的密码安全且SQL注入免费?我在登录页面中以相同的方式定义了用户名和密码!并且在phpmyadmin中密码已加密,登录时一切正常!

include "config.php";
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
Fname = $_POST['fname'];

$username = stripslashes($username);
$password = stripslashes($password);
$email = stripslashes($email);
$Fname = stripslashes($Fname);

$username = mysqli_real_escape_string($con,$username);
$password = mysqli_real_escape_string($con,hash("sha512",$password));
$email = mysqli_real_escape_string($con,$email);
$Fname = mysqli_real_escape_string($con,$Fname);

0 个答案:

没有答案