-1
我想通過繞過我自己的登錄頁面實踐sql注入,但我不知道如何使它容易sqli,你能告訴我該怎麼辦? 這是PHP代碼:Sql注入登錄繞過
<?php
@ob_start();
session_start();require('db.php');
if (isset($_POST['username'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM `users` WHERE username='$username' and password='$password'";
$result = mysql_query($query) or die(mysql_error());
$rows = mysql_num_rows($result);
if(!empty ($rows)) {
$_SESSION['username'] = $username;
header("Location: index.php"); // Redirect user to index.php
} else {
echo "<div class='form'><h3>Username/password is incorrect.</h3><br/>Click here to <a href='login.php'>Login</a></div>";
}
在此先感謝.. –
那麼,你是幸運的。它已經很容易受到sql-i的攻擊。 – Danielius
糟糕的使用'!empty'那裏... [PHP的權威指南isset和空](http://kunststube.net/isset/) – deceze