apportate queste modifiche funziona:
Codice PHP:
public function login($user, $pass) {
$pass = sha1($pass);
$strQuery = "SELECT * FROM user WHERE user_name='" . $user . "' AND user_pass='" . $pass . "'";
try {
$query = $this->pdo->prepare($strQuery);
$query->execute();
if ($query->rowCount() == 1) {
$_SESSION['login_eseguito'] = TRUE;
$_SESSION['user_id'] = $result->user_id;
return TRUE;
} else {
return FALSE;
}
} catch (PDOException $e) {
print "Error!: " . $e->getMessage() . "
";
die();
}
}
ho usato un'istruzione preparata in pratica.
Rispondi quotando