有这样的东西真的很有用吗:
$passe = mysql_real_escape_string(htmlspecialchars($_POST['passe']));
为什么我们用这个?如何优化呢?
谢谢
<?php
mysql_connect("localhost", "root", "");
mysql_select_db("nom_db");
$passe = mysql_real_escape_string(htmlspecialchars($_POST['passe']));
$passe2 = mysql_real_escape_string(htmlspecialchars($_POST['passe2']));
if($passe == $passe2)
{
script here
}
else
{
echo 'Your password is wrong';
}
?>