-------------- >>> BUG IN UD <<< --------------

05 Jul 2001 16:12:46 suhail kaleem posted:
Make a login system using the standard sb in ud -

now put in the user name and password which are correct: it will redirect u to the member page or whatever. If ur password is wrong it will redirect u to a password wrong page or whatever - all the above is correct and works all right. The problem is ---

put in the correct user name and also put in the correct password, only put a " at the end of the password: if your password is c++, make your password c++". Now ur password is wrong and it should redirect u to the password wrong page, but it gave an error in the sql statement - I have tried to fix that but could not fix it --

Any help?


suhailkaleem

Replies

12 Jul 2001 15:51:27 Jason Chandler replied:
Hey dude, I think that " is not allowed. Check what type of data ur password field is. The same thing happened to me.

16 Jul 2001 15:08:20 suhail kaleem replied:
How can we stop users from adding " to the password field????

16 Jul 2001 15:57:56 Tim Green replied:
Actually, this error will occur, not just in Log-In forms, but also with any other kind of form requiring user input.

In PHP it is very easy to overcome this with the add_slashes() function.

The way to overcome this problem in other server languages is to take the same approach. You need to escape the contents of the field before it is used in a SQL statement. I'm not sure how you would achieve this in other languages, but I know that it cannot be impossible.

So that you know, your subject is wrong. This has nothing at all to do with UltraDev. It is a failing of all scripting languages for not auto-escaping form input.

Tim Green
Webmaster
www.rawveg.org (Coming Soon)
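
The failure described in this thread, as an added example that is not part of the original posts: the same login check built once by pasting form input into the SQL text and once with bound parameters (a different technique from the escaping discussed above). It assumes Python's sqlite3 module, a constructed `members` table, hypothetical function names, and the single quote as the string delimiter, where the thread's query evidently used `"`.

```python
import sqlite3

def make_db():
    # Constructed sample data; the thread's real schema is not shown.
    # Plaintext passwords only mirror the scenario in the thread.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (username TEXT, password TEXT)")
    db.execute("INSERT INTO members VALUES ('suhail', 'c++')")
    return db

def login_concatenated(db, username, password):
    # Form input is pasted into the SQL text, so a quote character in
    # the input ends the string literal early and the statement no
    # longer parses.
    sql = ("SELECT 1 FROM members WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        return "sql error: " + str(exc)
    return "member page" if row else "wrong password page"

def login_parameterized(db, username, password):
    # Placeholders keep the input out of the SQL text; the driver
    # passes it as data, so no character needs escaping or banning.
    sql = "SELECT 1 FROM members WHERE username = ? AND password = ?"
    row = db.execute(sql, (username, password)).fetchone()
    return "member page" if row else "wrong password page"

if __name__ == "__main__":
    db = make_db()
    for pw in ("c++", "wrong", "c++'"):
        print(repr(pw), "|", login_concatenated(db, "suhail", pw),
              "|", login_parameterized(db, "suhail", pw))
```

With bound parameters the trailing quote is just one more wrong password, and a password that legitimately contains a quote still works.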
16 Jul 2001 16:25:39 Jason Chandler replied:
I guess you could use the built-in form validation in UltraDev as a quick fix until u figure out a solution.


