Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $connect = mysqli_connect('localhost', 'root', '12345', 'bugs');
- $result = mysqli_query($connect, "Select * from user");
- if (mysqli_connect_errno()) {
- echo "Failed to connect to MySQL: " . mysqli_connect_error();
- }
- //' OR 1=1 --' для того щоб перевірка бд давала завжди true
- $user_login = $_GET['login'];
- $user_password = $_GET['pass'];
- if (isset($_GET['login_b'])) {
- $result = mysqli_query($connect, "Select * from user where login='$user_login' and password='$user_password'");
- $myrow = mysqli_fetch_assoc($result);
- if (!empty($myrow)) {
- echo "<p align=center>Hello," . $myrow['login'] . "</p>";
- } else {
- echo "<p align=center>Wrong login: " . $user_login . " Password: " . $user_password . "</p>";
- }
- }
- if (isset($_GET['reg'])) {
- $result = mysqli_query($connect, "insert into user (login,password) values ('$user_login','$user_password')");
- }
- mysqli_close($connect);
- ?>
- <html>
- <head>
- <title>LogIn</title>
- </head>
- <body>
- <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
- <table align="center">
- <tr>
- <td><b>Login:</b></td>
- <td>
- <input type='text' name='login'>
- </td>
- </tr>
- <tr>
- <td><b>Password:</b></td>
- <td>
- <input type='text' name='pass'>
- </td>
- </tr>
- <tr>
- <td align="center" colspan='2'>
- <input id="button" name="login_b" style=" width: 110px;height: 50px" type='submit' value="Log In">
- <input id="button" name="reg" style="width: 110px;height: 50px" type='submit' value="Registration">
- </td>
- </tr>
- </table>
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
