n.kolosnaj/php_practice
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

exam151

Browse Source
This commit is contained in:
nkolosnjaj
2024-05-13 14:31:00 +02:00
parent 56492d171c
commit 19bf1b8ac8
1 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
exam151/index.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
// How to escape SQL Injection
$con = mysqli_connect('localhost', 'example_user', 'Kolosnjaj4321!');
mysqli_select_db($con, 'example_database');
if(isset($_POST['username']) && isset($_POST['password'])){
$username = $_POST['username'];
$password = $_POST['password'];
if(!empty($username) && !empty($password)){
$query = "SELECT `id` FROM `users` WHERE `username` = '" . mysqli_real_escape_string($con,$username). "' AND `password` = '" .mysqli_real_escape_string($con,$password) ."'";
$query_run = mysqli_query($con, $query);
if(mysqli_num_rows($query_run) >= 1){
echo 'Login success';
} else {
echo 'Invalid user or pass';
}
}
}
?>
<form action="index.php" method="POST">
User: <input type="text" name="username"> <br>
Pass: <input type="text" name="password"><br>
<input type="submit" value="Submit">
</form>