Is there any SQL injection possibility still while using mysql_real_escape_string() function?
Consider this sample situation. SQL is constructed in PHP like below:
$login = mysql_real_escape_string(GetFromPost('login'));
$password = mysql_real_escape_string(GetFromPost('password'));
$sql = "SELECT * FROM table WHERE login='$login' AND password='$password'";
Some people told me that code like that is still dangerous and possible to hack also with mysql_real_escape_string() function used. Although I cannot think of any possible exploit?
Classic injections like this:
aaa' OR 1=1
Also does not work.
Does anybody know any possible injection that would get through the PHP code above?