SQL Injection Vulnerability

[francofico]

@pmj642 Hey man, I found your repo while searching for a final project of a university subject. We need to find free software projects which have some kind of security vulnerability, fix it and patch it, and I found a SQL Injection one on yours on login.php; so I was wondering if we could use your code and fix this issue. We would send you the patched code afterwards.
If you want to know more, please answer here tagging me and I'll contact you.

[pmj642]

Hey @francofico, thanks for the issue. Although, I'm aware of these issues and at many places XSS attacks are possible too. Because this project is still under development and it is barebones right now. Once all the features are implemented then I'll be working on the security aspect before making it live.

I would suggest that if you are still interested then you can use the code for your project and make the changes if you can on your own. If you wish to send the patch afterwards then feel free to send a PR. I'm also nearing to a close and soon I'll be working on the security aspects.