Oshgnacknak/css2021-seclab-writeup
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
This repository has been archived on 2025-03-12. You can view files and clone it, but cannot push or open issues or pull requests.
css2021-seclab-writeup/sql-injection/dummy-login-code.php

23 lines
511 B
PHP
Raw Blame History

<?php
$_POST = array(
'user'=>'abc',
'password'=>'def');
function doesQueryReturnAnyRow($query) {
var_dump($query);
return true;
}
function checkLogin() {
$user = $_POST['user']; // ESCAPE FEHLT!!!!
$password = $_POST['password']; // ESCAPE FEHLT!!!!
$query = "SELECT * FROM users"
. " WHERE user = '$user'"
. " AND password='$password'"; // Siehe Hint
return doesQueryReturnAnyRow($query);
}
if (checkLogin()) {
echo "Information: Task solved!";
}
Reference in a new issue View git blame Copy permalink