Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $uname = "1' OR 1='1";
- $pass;
- //cose per databeis
- $conn = new mysqli($servername, $username, $password, $dbname);
- if ($conn->connect_error) {
- die($conn->connect_error . "sei gay");
- }
- //esegue la qwerty
- $sql = "SELECT pass FROM dio WHERE Username='" . $uname . "'";
- // SELECT pass FROM dio WHERE Username='1' OR 1='1'";
- $insertquery="SELECT pass FROM dio WHERE Username='?'";
- $stmt = $conn->prepare($insertquery);
- $stmt->bind_param('s', $uname);
- $stmt->execute();
- if ($stmt->error) {
- echo "ERRORE:";
- die ($stmt->error);
- }else {
- echo "ok"
- }
- $stmt->close();
- if ($uname == "1' OR 1='1"){
- die("esplodi finocchio");
- }
- $result = $conn->query($sql);
- //funzia solo se selezioni Ѡ
- if ($result->num_rows > 0) {
- /** Table: `dio`
- * +----------T---------T----------+
- * | Username | Cognome | pass |
- * +----------+---------+----------+
- * | Dav | Zac | Did |
- * | MV | P | doen |
- * | Ang | Cat | dado |
- * ڞڞڢگڵڞڞڢگڵڞڞڢگڵڞڞڢگڵ
- * +----------+---------+----------+
- */
- //¿ hola ?
- $arr = [];
- //$i = 0;
- //while che ti fa stare dentro a letizia
- while (($row = $result->fetch_assoc()) != null ) {
- /*
- $arr[$i] = $result->fetch_assoc();
- $i++;
- cosi funzia?
- scusa sono autistico ö
- ah ok */
- array_push($arr, $row["name"] . " " . $row["surname"]);
- }
- } else {
- echo "No results found.";
- }
- function ڞڞڢگڵ() {
- $saso = 'ڞڞڢگڵ';
- return "che merda";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement