first commit

dvwa/vulnerabilities/sqli_blind/cookie-input.php

@@ -0,0 +1,31 @@
+<?php
+
+define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
+require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php';
+
+dvwaPageStartup( array( 'authenticated', 'phpids' ) );
+
+$page = dvwaPageNewGrab();
+$page[ 'title' ] = 'Blind SQL Injection Cookie Input' . $page[ 'title_separator' ].$page[ 'title' ];
+
+if( isset( $_POST[ 'id' ] ) ) {
+	setcookie( 'id', $_POST[ 'id' ]);
+	$page[ 'body' ] .= "Cookie ID set!<br /><br /><br />";
+	$page[ 'body' ] .= "<script>window.opener.location.reload(true);</script>";
+}
+
+$page[ 'body' ] .= "
+<form action=\"#\" method=\"POST\">
+	<input type=\"text\" size=\"15\" name=\"id\">
+	<input type=\"submit\" name=\"Submit\" value=\"Submit\">
+</form>
+<hr />
+<br />
+
+<button onclick=\"self.close();\">Close</button>";
+
+dvwaSourceHtmlEcho( $page );
+
+?>
+
+