-
Notifications
You must be signed in to change notification settings - Fork 5
/
sqli1.php
54 lines (47 loc) · 1.44 KB
/
sqli1.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
include 'vulnconf.php';
if(isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$password = md5($password);
$sql="SELECT * FROM users WHERE username='$username' AND password='$password'";
$result=mysqli_query($link,$sql);
$count=mysqli_num_rows($result);
$ok = ($count>0?
"<div class=\"alert alert-success\" role=\"alert\">The operation was completed successfully</div>":
"<div class=\"alert alert-danger\" role=\"alert\">Wrong username</div>");
}
include 'ust.php';
?>
<?php echo (!empty($ok) ? $ok : ""); ?>
<!-- 1 -->
<div id="page-content-wrapper">
<!-- 2 -->
<div class="container-fluid">
<!-- 3 -->
<div class="row">
<!-- 4 -->
<div class="col-lg-6">
<h1>Sql Injection 101</h1>
<div class="well">
<form action="sqli1.php" method="POST">
<div class="form-group">
<label for="exampleInputEmail1">Username</label>
<input name="username" class="form-control" id="exampleInputEmail1" placeholder="">
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" name="password" class="form-control" id="exampleInputPassword1" placeholder="">
</div>
<button type="submit" name="submit" class="btn btn-default">Submit</button>
</form>
</div>
<br>
<a href="sqli2.php">Click to move to the next stage</a>
<!-- /4 -->
</div>
<!-- /3 -->
</div>
<!-- /2 -->
</div>
<?php include 'alt.php'; ?>