Good?!

rIkLuNd

Is this script good to use to check a user's password?!

function checkPass($user,$password)
{
global $link;

$result = mysql_query("SELECT id,user,password from users
WHERE user='$user',password='$password'",$link);

if(!$result)
die("CheckPass fatal error: ".mysql_error());

if(mysql_num_rows($result))
return mysql_fetch_array($result);
return false;
}

michael

Althought this script probably works, I would grade it a 33%.

Make it work.
Make it work well.
Make it work securely.

You should use SHA-1 or at the very least MD5.

rIkLuNd

ok, thanx!