caesarevan

Untitled

Mar 28th, 2019
  1. Patch Bug Bypass Admin
  2. -Evan
  3.  
  4. <?php
     // Admin login handler as it stood before the fix (the "before" listing of this paste).
     // NOTE(review): the typographic (curly) quotes and the unquoted key in
     // $_POST[username] look like copy/paste artefacts; PHP does not treat curly
     // quotes as string delimiters, so this listing will not run exactly as pasted.
     // $con and the session are presumably set up elsewhere; neither is shown here.
  5. $message = “”;
  6. if(isset($_POST[‘submit’])){
     // The username is taken from the request unchanged: no trimming, escaping or binding.
  7. $username= ($_POST[username]);
     // The submitted password is reduced to its MD5 digest before the comparison.
  8. $password = md5($_POST[‘password’]);
     // Both values are interpolated straight into the SQL text. Because $username is
     // neither escaped nor bound as a parameter, request data can change the meaning
     // of the WHERE clause; this is the SQL injection the patch further down the page
     // is aimed at.
  9. $query = “SELECT * FROM admin WHERE username = ‘$username’ and password = ‘$password’ and usertype = ‘1’”;
  10. $query_result = mysqli_query($con, $query);
      // Any returned row is treated as a successful login.
  11. if(mysqli_num_rows($query_result)){
  12. $row = mysqli_fetch_assoc($query_result);
      // The matched row's id and username become the logged-in admin identity.
  13. $_SESSION[‘admin_id’] = $row[‘id’];
  14. $_SESSION[‘username’] = $row[‘username’];
      // No exit follows the redirect, so execution continues past this call.
  15. header(“location: index.php”);
  16. }else{
  17. $message = “Username and password is not matched.”;
  18. }
  19. }
  20. ?>
  21.  
  // Appears to be an excerpt of the input handling before the fix: the username is
  // used exactly as submitted, and the password is replaced by its MD5 digest.
  22. $username= ($_POST['username']);
  23. $password = md5($_POST['password']);
  24.  
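  25. Bug Fixed : $username=addslashes(trim($_POST['username'])); /* add addslashes(trim( in front of ($_POST. Note that addslashes() is not aware of the connection character set, so binding the value in a prepared statement is the more dependable fix. */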
  26.  
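  <?php
  // Admin login handler: checks the submitted credentials against the `admin`
  // table and, on a match, stores the admin's id and username in the session and
  // redirects to index.php. Otherwise $message is set to an error string.
  //
  // Expects $con (a mysqli connection) to be created by code outside this listing
  // and, presumably, a session to have been started already.
  //
  // The credentials are bound as statement parameters instead of being passed
  // through addslashes(): addslashes() does not know the connection character
  // set, so it is not a dependable defence against SQL injection, whereas a bound
  // parameter never becomes part of the SQL text.
  $message = "";
  if (isset($_POST['submit'])) {
      // Treat a missing or non-string field (for example username[]=x) as empty
      // rather than letting trim()/md5() fail on an array.
      $username = (isset($_POST['username']) && is_string($_POST['username']))
          ? trim($_POST['username'])
          : '';
      $submitted_password = (isset($_POST['password']) && is_string($_POST['password']))
          ? $_POST['password']
          : '';

      // NOTE(review): unsalted MD5 is kept only because the admin table is assumed
      // to store MD5 digests (the query compares against md5() output). Moving to
      // password_hash()/password_verify() needs a data migration outside this block.
      $password = md5($submitted_password);

      $authenticated = false;
      $admin_id = null;
      $admin_username = null;

      // Only the two columns the handler actually uses are selected.
      $stmt = mysqli_prepare(
          $con,
          "SELECT id, username FROM admin WHERE username = ? AND password = ? AND usertype = '1'"
      );
      if ($stmt !== false) {
          mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
          if (mysqli_stmt_execute($stmt)) {
              mysqli_stmt_bind_result($stmt, $admin_id, $admin_username);
              // mysqli_stmt_fetch() returns true only when a row was fetched.
              $authenticated = (mysqli_stmt_fetch($stmt) === true);
          }
          mysqli_stmt_close($stmt);
      }

      if ($authenticated) {
          // Issue a fresh session id at the privilege change so that an id known
          // before login cannot be reused afterwards (session fixation).
          if (session_status() === PHP_SESSION_ACTIVE) {
              session_regenerate_id(true);
          }
          $_SESSION['admin_id'] = $admin_id;
          $_SESSION['username'] = $admin_username;
          header("location: index.php");
          // Stop here so nothing after the redirect is executed or sent.
          exit;
      } else {
          // A failed prepare/execute is reported the same way as bad credentials.
          $message = "Username and password is not matched.";
      }
  }
  ?>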