Need to run 'setup.php'." ); dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'setup.php' ); } $query = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';"; $result = @mysql_query( $query ) or die( '
' . mysql_error() . '.
Try installing again.
' ); if( $result && mysql_num_rows( $result ) == 1 ) { // Login Successful... dvwaMessagePush( "You have logged in as '{$user}'" ); dvwaLogin( $user ); dvwaRedirect( DVWA_WEB_PAGE_TO_ROOT . 'index.php' ); } // Login failed dvwaMessagePush( 'Login failed' ); dvwaRedirect( 'login.php' ); } $messagesHtml = messagesPopAllToHtml(); Header( 'Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 Header( 'Content-Type: text/html;charset=utf-8' ); // TODO- proper XHTML headers... Header( 'Expires: Tue, 23 Jun 2009 12:00:00 GMT' ); // Date in the past // Anti-CSRF generateSessionToken(); echo " Login :: Damn Vulnerable Web Application (DVWA) v" . dvwaVersionGet() . "





" . tokenField() . "

{$messagesHtml}







" . dvwaExternalLinkUrlGet( 'http://www.dvwa.co.uk/', 'Damn Vulnerable Web Application (DVWA)' ) . " is a RandomStorm OpenSource project.

"; ?>