Hi, just starting out with PHP, etc. Seem to be picking things up quickly. Just want some advice on how secure things are e.g. entering email address into the database, etc. Look forward to some help and advice.

<?php
error_reporting(0);
$email = "";
$msg_to_user = "";
if ($_POST['email']!=""){
    include_once "connection.php";

    $email = $_POST['email'];

    $sql = mysql_query("SELECT * FROM addresses WHERE email='$email'");
    $numRows = mysql_num_rows($sql);

    if (!$email){
        $msg_to_user = '<div class="msg_to_user">Please type an email address.</div>';
    }
    else if ($numRows>0){
        $msg_to_user = '<div class="msg_to_user">'.$email.' is already in the system.</div>';
    }
    else {
        $sql_insert=mysql_query("INSERT INTO addresses (email, dateTime) 
        VALUES('$email',now())") or die (mysql_error());

        $msg_to_user='<div class="msg_to_user_success">You have been added successfully.</div>';
        $email="";
    }
}
?>

All 4 Replies

Any suggestions?

What do you refer to by "Secure"..? Here, you are just inserting the user's mail id.. That's all I can understand... Can you make your question clear..?

Let me suggest some things for you:
you have to check that the inputs are not MySQL injections
by using

mysql_real_escape_string()

and then you have to use filters to see if the user is giving you a real email or not, because sometimes we find some crazy users who give very fake emails.
I hope this helps.
If this is what you mean, please upvote my comment.
Thanks

Prince... How do I know whether the email id the user entered is valid or not... That is, a real email, not a fake one...
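
As an added example (not code from any poster in this thread), here is the signup handler from the question rewritten with PDO prepared statements, a filter_var() syntax check and escaping of the address when it is echoed back into HTML. The in-memory SQLite database used in place of the MySQL connection from connection.php, the subscribe() helper and the sample addresses are assumptions made so the script runs on its own.

```php
<?php
// Added example, not the poster's code. Assumption: PDO with the SQLite driver
// is available; an in-memory database stands in for connection.php.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE addresses (email TEXT PRIMARY KEY, dateTime TEXT)');

// Hypothetical helper: returns the HTML message for one submitted address.
function subscribe(PDO $pdo, string $raw): string
{
    $email = trim($raw);

    // Syntax check only: it cannot tell whether the mailbox really exists.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return '<div class="msg_to_user">Please type a valid email address.</div>';
    }

    // Placeholders keep the value out of the SQL text. A syntactically valid
    // address may still contain a quote, so validation alone is not enough.
    $check = $pdo->prepare('SELECT COUNT(*) FROM addresses WHERE email = ?');
    $check->execute([$email]);
    if ((int) $check->fetchColumn() > 0) {
        // Escape on output: the address is written back into the page.
        $safe = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
        return '<div class="msg_to_user">' . $safe . ' is already in the system.</div>';
    }

    $insert = $pdo->prepare(
        'INSERT INTO addresses (email, dateTime) VALUES (?, CURRENT_TIMESTAMP)'
    );
    $insert->execute([$email]);
    return '<div class="msg_to_user_success">You have been added successfully.</div>';
}

// Constructed sample inputs: a normal address submitted twice, a valid address
// that contains a quote (also twice), and an injection-style string.
$samples = [
    'alice@example.com',
    'alice@example.com',
    "o'brien@example.com",
    "o'brien@example.com",
    "x' OR '1'='1",
];
foreach ($samples as $input) {
    echo subscribe($pdo, $input), PHP_EOL;
}
```

Whether an address is real, as opposed to well-formed, can only be confirmed by sending a confirmation link to it and waiting for the click.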
