15 lines
349 B
PHP
15 lines
349 B
PHP
<?php
|
|
|
|
namespace services;
|
|
include 'config/database-connection.php';
|
|
|
|
class Access
|
|
{
|
|
static function login($username, $password)
|
|
{
|
|
// ADORO L'SQL INJECTION ' OR '1'='1
|
|
global $conn;
|
|
$query = "SELECT * FROM users WHERE DESCRIZIONE = '$username' AND PASSWORD = '$password'";
|
|
return $conn->query($query);
|
|
}
|
|
} |