Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $login = $_REQUEST["login"];
- $login = xmli($login);
- $password = $_REQUEST["password"];
- $password = xmli($password);
- // Loads the XML file
- $xml = simplexml_load_file("passwords/heroes.xml");
- // XPath search
- $result = $xml->xpath("/heroes/hero[login='" . $login . "' and password='" . $password . "']");
- [login='" . $login . "' and password='" . $password . "']
- [login='' and password='']
- [login='whatever'' and password='']
- [login='whatever' or 1=1' and password='']
- [login='whatever' or 1=1' and password='']
- [login='whatever' or 1=1 or '' and password='']
- whatever' or 1=1 or '
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement