Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/typo3/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Php 为什么可以';这不是SQL注入吗?_Php_Sql Injection - Fatal编程技术网
Fatal编程技术网
  • php/
  • Php 为什么可以';这不是SQL注入吗?

Php 为什么可以';这不是SQL注入吗?

php

Php 为什么可以';这不是SQL注入吗?,php,sql-injection,Php,Sql Injection,我必须制作一个可以SQL注入的应用程序,但我不能使SQL注入成为可能。我想尽一切办法把它注入SQL,但没有成功。可以像admin'#那样编写用户名,因为这样会注释掉行 我希望你能帮助我。你可以看到我的代码就在下面 <?php include('include/config.php'); include('parts/header.php'); $submit = $_POST['submit']; $username = $_POST['username'

我必须制作一个可以SQL注入的应用程序,但我不能使SQL注入成为可能。我想尽一切办法把它注入SQL,但没有成功。可以像
admin'#
那样编写用户名,因为这样会注释掉行

我希望你能帮助我。你可以看到我的代码就在下面

<?php
    include('include/config.php');
    include('parts/header.php');

    $submit = $_POST['submit'];
    $username = $_POST['username'];
    $password = $_POST['password'];

    if ($submit) {
        if(!empty($username OR !empty($password))) {
            $sqlQuery = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'");

            if(mysql_num_rows($sqlQuery) == 1) {
                // Success - admin'#
                echo "LOGGEDIN";
                $_SESSION['loggedin'] = 1;
            }
            else {
                echo "Wrong password or username";
            }
        }
        else {
            echo "You didn't fill every field.";
        }
    }
?>

<div id="container">
    <form action="login.php" method="POST">
        <input type="text" name="username" placeholder="Type user name...">
        <input type="password" name="password" placeholder="Type password...">
        <input type="submit" name="submit" value="Log in">
    </form>
</div>

您可以使用
mysql\u real\u escape\u string
函数使变量安全:


$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);



这是托管在某个实时站点上的吗?你的情况使它总是错误的。你尝试注入了什么?它不在任何地方,我是本地的。情况很好。可以登录。@KevinSteenHansen最终获得一个解决方案。我的任务是创建一个不安全的应用程序,但我的代码不能被sql注入:/n您需要使用htmlspecialchars()或strip_tags()。第一个将像<这样的特殊字符转换为将显示为检查此链接认为您误解了我。我必须做一个不安全的登录。这将帮助您从sql注入。添加此scriptDoenst work:/后,请尝试0=0方法。它给了我错误的密码语句。是否检查了链接?这将确实影响引号从查询字符串中消失的位置?是的,如果用户名在引号中,这将如何注入任何内容?

<?php
 include('include/config.php');
 include('parts/header.php');


$submit = $_POST['submit'];
$username = (int)$_POST['username'];
$password =(int)$_POST['password'];

if ($submit) {
    if(!empty($username OR !empty($password))) {
        $sqlQuery="SELECT * FROM users  WHERE user_login = '$username' AND password  = '$password'";

        //SELECT * FROM `wp_users` WHERE `user_login`='1' OR '1' = '1' AND `user_pass`='1' OR '1' = '1' 
        //$sqlQuery = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'");
        echo $sqlQuery;
        exit;
        if(mysql_num_rows($sqlQuery) == 1) {
            // Success - admin'#
            echo "LOGGEDIN";
            $_SESSION['loggedin'] = 1;
        } else {
            echo "Wrong password or username";
        }
    } else {
        echo "You didn't fill every field.";
    }
}
?>

<div id="container">
    <form method="POST">
        <input type="text" name="username" placeholder="Indtast brugernavn..">
        <input type="password" name="password" placeholder="Indtast kodeord..">
        <input type="submit" name="submit" value="Log ind">
    </form>
</div>



SELECT * FROM wp_users WHERE user_login = '7' AND user_pass = '7'