Advertisement
Guest User

ch

a guest
May 18th, 2017
223
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 1.47 KB | None | 0 0
  1. #include <stdlib.h>
  2. #include <stdio.h>
  3. #include <string.h>
  4. #include <mysql/mysql.h>
  5.  
  6. int searchdb(char *user, char *pass) {
  7.    char *query;
  8.    int num_fields;
  9.    MYSQL mysql;
  10.    MYSQL_RES *result;
  11.    MYSQL_ROW row;
  12.  
  13.    query = malloc(1024);
  14.    mysql_init(&mysql);
  15.  
  16.    mysql_real_connect(&mysql,"localhost","cgi","cgi","cgi",0,NULL,0);
  17.    sprintf(query, "select COUNT(*) from user where username='%s' and password='%s'", user, pass);
  18.    mysql_query(&mysql, query);
  19.    result=mysql_store_result(&mysql);
  20.    row = mysql_fetch_row(result);
  21.  
  22.    free(user);
  23.    free(pass);
  24.  
  25.    if (row[0][0] == '1')
  26.         return 1;
  27.    else return 0;
  28. }
  29.  
  30. int main() {
  31.     char *data,*var, *amp;
  32.     char *user; char *pass;
  33.     char out[2048], outstr[256];
  34.  
  35.     data = getenv("QUERY_STRING");
  36.     user = malloc(strlen(data));
  37.     pass = malloc(strlen(data));
  38.  
  39.     sprintf(out, "Content-type: text/html\n\n");
  40.     strcat(out, "<html><title>Hello</title><body>\n");
  41.  
  42.     var = strstr(data, "user=");
  43.     amp = strchr(var, '&');
  44.     if (amp)
  45.       *amp=0;
  46.     strcpy(user, var+5);
  47.     *amp='&';
  48.  
  49.     var = strstr(data, "pass=");
  50.     amp = strchr(var, '&');
  51.     if (amp)
  52.       *amp=0;
  53.     strcpy(pass, var+5);
  54.  
  55.     strcat(out, "<html><title>Hello</title><body>\n Welcome ");
  56.     strcat(out, user);
  57.  
  58.     if (searchdb(user,pass)) {
  59.      sprintf(outstr, "<br>Login %s correct", user);
  60.     } else {
  61.      sprintf(outstr, "<br>Login %s incorrect", user);
  62.     }
  63.     strcat(out, outstr);
  64.     strcat(out, "</body></html>");
  65.     printf(out);
  66.  
  67.  
  68.      return 1;
  69.  
  70. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement