Menu
i have a simple html form with username and password boxes. When they click the submit button it fires a login script, which contains this line:
$query = mysql_query(“select * from user where name = ‘$Name’ and password = ‘$Password'”);
problem is, a user can login with another users password ie
id ¦ pwd
user 1 ¦ pwd1
user 2 ¦ pwd2
user 3 ¦ pwd3
what happens is that user 1 can login with user 2 or 3’s password and vice versa.
Any way around this, or a more secure statement?