Many people have written tutorials on creating a PHP login system, but they were all vulnerable to MySQL injection. In this post I'm going to demonstrate a login system free of this vulnerability. It is very secure. PHP provides mysqli and PDO to guard against these injections. We are going to use **PDO (PHP Data Objects)**. UPDATE – logSys: There is a new, free, better Advanced Login System which you can check out here....
Posts marked with "Injection" in tags
What is SQL Injection and how to make your PHP site free from SQL Injection hacking
SQL Injection (SQLi) is a very dangerous thing that a hacker can do to your site. This happens mostly in SQL queries. Let me explain it in a simple way. Suppose your SQL query code is this:

```php
// Vulnerable: the GET parameter is concatenated straight into the query string
$user=$_GET['user'];
$sql=mysql_query("SELECT * FROM users WHERE user='".$user."'");
```

It looks like normal code, but it gives a hacker a very easy way to destroy your database. The user ID is taken from a GET request. If the file’s name (where the request is going) is user....