sql-injection.php
45 lines (38 loc) · 1.56 KB
<?php
if (isset($_POST['comment'])) {
    $dsn = 'mysql:dbname=exploit;host=127.0.0.1';
    $dbh = new PDO($dsn, 'root', 'slunicko');
    // incorrect: user input is concatenated straight into the SQL string,
    // so a crafted comment can change the statement itself (SQL injection)
    $dbh->exec("INSERT INTO comment(comment) VALUES('" . $_POST['comment'] . "')");
    // correct: prepared statement with a bound parameter; the input is sent
    // to the server as data and cannot alter the statement's structure
    $stm = $dbh->prepare("INSERT INTO comment(comment) VALUES(:comment)");
    $stm->bindValue('comment', $_POST['comment']);
    $stm->execute();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>SQL injection</title>
</head>
<body>
    <h1>SQL injection</h1>
    <p>
        Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nunc lacinia dictum leo, ac pharetra libero pretium id. Sed cursus lorem vel eleifend ultrices. Praesent viverra rhoncus lorem tristique ultricies. Sed enim nunc, dapibus vel diam egestas, iaculis scelerisque neque. Sed consectetur odio dolor, a convallis nibh vestibulum non. Fusce vel facilisis mi. Vestibulum fermentum auctor neque ut facilisis. Aliquam erat volutpat. Praesent et pretium arcu, sed mattis nisi. Pellentesque dolor dui, pharetra eget lacus sit amet, elementum tincidunt orci. Phasellus volutpat aliquet ullamcorper. Vestibulum dictum auctor eros, sed suscipit augue egestas eu. Donec elementum neque a malesuada vestibulum.
    </p>
    <h2>Comments</h2>
    <form method="post" action="">
        <p>
            <label for="comment">Comment</label><br>
            <textarea name="comment" id="comment"></textarea>
            <!--
            '); DELETE FROM comment; -- ')
            -->
        </p>
        <p>
            <input type="submit" value="Submit!" />
        </p>
    </form>
</body>
</html>