Frankkung@DSS:~# curl challenge01.root-me.org/web-serveur/ch11/index.php~
<?php
$username="ch11";
$password="OCCY9AcNm1tj";
echo \'
<html>
<body>
<h1>Authentication v 0.00</h1>
\';
if ($_POST["username"]!="" && $_POST["password"]!=""){
if ($_POST["username"]==$user && $_POST["password"]==$password)
{
print("<h2>Welcome back {$row[\'username\']} !</h2>");
print("<h3>Your informations :</h3><p>- username : $row[username]</p><br />");
print("To validate the challenge use this password</b>");
} else {
print("<h3>Error : no such user/password</h2><br />");
}
}
echo \'
<form action="" method="post">
Login <br/>
<input type="text" name="username" /><br/><br/>
Password <br/>
<input type="password" name="password" /><br/><br/>
<br/><br/>
<input type="submit" value="connect" /><br/><br/>
</form>
</body>
</html>
\';
?>