2
我只是想知道這行代碼是否安全以避免SQL注入?在PHP中避免SQL注入的最安全方法?
// username and password sent from form
$myusername=$_POST['loginUserName'];
$mypassword=$_POST['loginPassword'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
我是否需要拆封?