[Solved] Is this PHP code vulnerable to SQL injection? [duplicate]

Question

Yes, it’s vulnerable. You’re talking values directly from user input and placing it into your query.

You should look at mysql_real_escape_string, or (preferably) use MySQLi which provides parameterised queries. SQL injections are caused by user data being injected as SQL code instead of data. The only true way to secure a query is to use parameterised queries, which separate the data and query text at the protocol level.

Furthermore, your passwords are stored in plaintext. You should use a salted hash function as an absolute minimum.

You should also take a look at these awesome questions:

How can I prevent SQL injection in PHP?
Secure hash and salt for PHP passwords
The definitive guide to form-based website authentication

Accepted Answer

Yes, it’s vulnerable. You’re talking values directly from user input and placing it into your query.

You should look at mysql_real_escape_string, or (preferably) use MySQLi which provides parameterised queries. SQL injections are caused by user data being injected as SQL code instead of data. The only true way to secure a query is to use parameterised queries, which separate the data and query text at the protocol level.

Furthermore, your passwords are stored in plaintext. You should use a salted hash function as an absolute minimum.

You should also take a look at these awesome questions:

How can I prevent SQL injection in PHP?
Secure hash and salt for PHP passwords
The definitive guide to form-based website authentication