- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
- 12
- 13
- 14
- 15
if(@isset($_GET['id'])){
$myconns=@mysql_connect(\"127.0.0.1\",\"user_noprivs\",\"unbr34k4bё3!\") or
die(\"sorry can't connect\");
@mysql_select_db(\"cms\") or die(\"sorry can't select DB\");
$sql_query = @mysql_query(
\"select content from content_table where id=\".$_GET['id']) or die(\"Sorry
wrong
SQL Query\");
// oops SQL Injection-^
while($tmp = @mysql_fetch_row($sql_query))
echo $tmp[0]; //echoes the result as HTML code
}else{
echo \"Welcome to My Bank
\".Login.\"\";
}
Комментарии (0) RSS
Добавить комментарий