Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $servername = "localhost";
- $username = "pi";
- $password = "raspberry";
- $dbname = "sql_injections";
- //Create a connection
- $conn = new mysqli($servername, $username, $password, $dbname);
- //Check the connection
- if ($conn->connect_error)
- {
- die ("Connection failed!");
- }
- try
- {
- $check_login_credentials = $conn->query("SELECT * FROM accounts WHERE Username='".$_POST[username]."' AND Password='".$_POST[password]."';");
- }
- catch (Exception $login_data_exception)
- {
- echo "[!] Error: ".$login_data_exception->getMessage()."\n";
- }
- if (!$check_login_credentials)
- {
- echo "[!] Wrong credentials! ";
- echo "Username: ".$_POST[username]." Password: ".$_POST[password];
- }
- else
- {
- echo "[+] You are now logged in. The provided credentials have been found in our database!";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement