Well, I use the following code to check if the user exists and log in:
<?PHP
include('config.php');
include('menu.php');
# Validar os dados do usuário
function anti_sql_injection($string)
{
include('config.php');
$string = stripslashes($string);
$string = strip_tags($string);
$string = mysqli_real_escape_string($conexao,$string);
return $string;
}
$sql = mysqli_query($conexao,"select * from tb_usuario where
email_usu='".anti_sql_injection($_POST['email_usu'])."' and
senha_usu='".anti_sql_injection($_POST['senha_usu'])."' limit 1") or die("Erro");
$linhas = mysqli_num_rows($sql);
if($linhas == '')
{
?>
<div class="msg2 padding20">Usuário não encontrado ou usuário e senha inválidos.</div>
<?PHP
}
else
{
while($dados=mysqli_fetch_assoc($sql))
{
session_start();
$_SESSION['nome_usu_sessao'] = $dados['nome_usu'];
header("Location: conteudo.php");
}
}
?>
As you can see, the code has a protection against SQLInjection, however I would like to add MD5 encryption ie check the password with MD5, I do not know the right term for this, but in the case "read MD5."