Wrerperotmels
New Member
Since I am using PDO to prevent SQL injection, do I still need to apply PHP's data filters to ensure the input is the correct format? Is PDO protect all kind of injections?\[code\]$STH = $DBH->prepare("SELECT * from jem WHERE email=? AND pass=? LIMIT 0,1");\[/code\]Any more tip for login script would be help.