Jump to content
php.lv forumi

Recommended Posts

Pricips ir šāds : tikai saliec pareizu selektu un ceļu uz config failu :) , NU protams pielabo tā kā tev vajag!

<?
include("include/config.php");

if(isset($_GET['user'])) {
$userid = $_GET['user'];
$query = mysql_query("SELECT * FROM lietotaji WHERE id = '$userid'");
while($userrow = mysql_fetch_array($query)){
echo "<br />
<br >Vārds:  " . $userrow['vaards'] . "
<img align='right' class='photo_author' style='margin-top: -35px;' src='" . $userrow['bilde'] . "' width='90' height='90' alt='Bilde' />
<br >Uzvārds:  " . $userrow['uzvards'] . "
<br >Vecums:  " . $userrow['vecums'] . "
<br >Ēmails:  " . $userrow['epasts'] . "
";
}
}
else{

}
?>

Edited by xmas12
Link to post
Share on other sites

Xmas12 - kas notiks, ja es ieiešu, piemēram ?user=1' OR '1'='1 ?? Caurs ir tas tavs kods.

 

Edit: pārrunājos. Drīzāk tur varētu likt drop table.

Edited by m8t
Link to post
Share on other sites

Xmas12 - kas notiks, ja es ieiešu, piemēram ?user=1' OR '1'='1 ?? Caurs ir tas tavs kods.

 

Edit: pārrunājos. Drīzāk tur varētu likt drop table.

 

ar mysql_query var izpildīt tikai vienu kvēriju.

Link to post
Share on other sites

Kaut kā nesanāk palaist

mans config

<?php
$db_host="localhost";
$db_user="root";
$db_pass="parole";
$db_name="db";
$connection=mysql_connect($db_host, $db_user, $db_pass) or die(mysql_error());
mysql_select_db($db_name, $connection);
mysql_query("SET NAMES utf8");
?>

Kā īsti apskatīt to profilu.Neprotu ka palaist ?user=1 vai 1=1

Link to post
Share on other sites

Pirmkārt, Tev ir izveidota datubāze?? =) (Tu ar to skriptu tai tikai pieslēdzies)

Vai Tev ir datubāzē vajadzīgie dati?? =) (piereģistrēts lietotājs)

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...