Originally Posted by t3hl33td4rg0n
What about $_POST['password']
Honestly, I've never used mysql_escape_string(), perhaps i should.
But its funny, thats the first script ive written in over a year and havent written a single line since.
No need to escape it because it's being md5'd:
If it were not first being MD5'd then I would mysql_escape_string() it.