Click here to Skip to main content
15,900,589 members
Please Sign up or sign in to vote.
4.00/5 (1 vote)
See more:
Hi i need to make this piece of code vulnerable to sql injection any help please,its for a project im working on and i don't know much of either language.

PHP
<?php

$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="Faults"; // Database name
$tbl_name="Users"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
//$myusername = ($myusername);
//$mypassword = ($mypassword);
//$myusername = ($myusername);
//$mypassword = ($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
echo "LOGIN SUCCSESS!!";
}
else {
echo "Wrong Username or Password";
}
?>
Posted
Updated 1-Apr-15 1:06am
v4
Comments
Mohibur Rashid 31-Mar-15 19:34pm    
Its already vaulnerable. Making it anymore vaulnerable is unlikely.

But if you want to make secure: then use mysql_real_escape_string.
paul power 1-Apr-15 9:11am    
What sql injection command should work with this if it is vulnerable?
paul power 1-Apr-15 10:19am    
Sorted thanks

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900