alban/docker-vulnerable-dvwa
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9b5985f85b
docker-vulnerable-dvwa/dvwa/vulnerabilities/sqli_blind/source/low.php
OPSXCQ f40a84879c
first commit
2016-12-02 17:19:11 -02:00

29 lines
709 B
PHP
Raw Blame History

<?php
if( isset( $_GET[ 'Submit' ] ) ) {
// Get input
$id = $_GET[ 'id' ];
// Check database
$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
$result = mysql_query( $getid ); // Removed 'or die' to suppress mysql errors
// Get results
$num = @mysql_numrows( $result ); // The '@' character suppresses errors
if( $num > 0 ) {
// Feedback for end user
$html .= '<pre>User ID exists in the database.</pre>';
}
else {
// User wasn't found, so the page wasn't!
header( $_SERVER[ 'SERVER_PROTOCOL' ] . ' 404 Not Found' );
// Feedback for end user
$html .= '<pre>User ID is MISSING from the database.</pre>';
}
mysql_close();
}
?>
Reference in New Issue View Git Blame Copy Permalink