Jump to content

php.lv forumi

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?

Or sign in with one of these services
Sign Up

Browse
- Forums
- Staff
- Online Users
- More
Activity
- All Activity
- Search
- More
More
- More

Iesācējiem

hacki

yeahz

By yeahz
October 3, 2009 in Iesācējiem

Share

Recommended Posts

yeahz

Newbie

yeahz

Posted October 3, 2009

- Report
- Share

Posted October 3, 2009

Man interesē vai šeit ir iespējams ko ļaunu izdarīt (jāskatās ir uz query un uz linku)? Ja jā, tad kā izvairīties?

<?php

if (!isset($_GET['username'])) {
echo "Unknown user";
footer();
exit();
}

$user = mysql_query("SELECT id FROM users WHERE username='$_GET[username]'");

?>

adrese izskatās šādi:

http://link.lv/sendmessage/username/

Quote

Link to comment

Share on other sites

waplet

Newbie

waplet

Posted October 3, 2009

- Report
- Share

Posted October 3, 2009

$username = mysql_real_escape_string($_GET['username']);

Quote

Link to comment

Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Loading...

×

Share

Go to topic listing

×

Browse
- Back
- Forums
- Staff
- Online Users
Activity
- Back
- All Activity
- Search

×

Create New...