這是一個簡單的登入系統， 然後要過濾特殊字元避免資料隱碼攻擊 我是用mysql_real_escape_string函數 想請問大家如果要寫 如果帳號密碼欄有特殊字元就跳出警告視窗該怎麼寫呢 <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['textfield2'])) { $loginUsername=mysql_real_escape_string($_POST['textfield2']); $password=mysql_real_escape_string($_POST['textfield']); $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "loginOK.php"; $MM_redirectLoginFailed = "login.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_kenny, $kenny); $LoginRS__query=sprintf("SELECT ID, password FROM users WHERE ID='".$loginUs ername."' AND password='".$password."'", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "tex t")); $LoginRS = mysql_query($LoginRS__query, $kenny) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> -- Sent from my Android -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 49.216.248.69 ※ 文章網址: https://www.ptt.cc/bbs/PHP/M.1427539249.A.2DA.html