Jump to content
php.lv forumi
Sign in to follow this  
gunmetal

profils

Recommended Posts

Pricips ir šāds : tikai saliec pareizu selektu un ceļu uz config failu :) , NU protams pielabo tā kā tev vajag!

<?
include("include/config.php");

if(isset($_GET['user'])) {
$userid = $_GET['user'];
$query = mysql_query("SELECT * FROM lietotaji WHERE id = '$userid'");
while($userrow = mysql_fetch_array($query)){
echo "<br />
<br >Vārds:  " . $userrow['vaards'] . "
<img align='right' class='photo_author' style='margin-top: -35px;' src='" . $userrow['bilde'] . "' width='90' height='90' alt='Bilde' />
<br >Uzvārds:  " . $userrow['uzvards'] . "
<br >Vecums:  " . $userrow['vecums'] . "
<br >Ēmails:  " . $userrow['epasts'] . "
";
}
}
else{

}
?>

Edited by xmas12

Share this post


Link to post
Share on other sites

Xmas12 - kas notiks, ja es ieiešu, piemēram ?user=1' OR '1'='1 ?? Caurs ir tas tavs kods.

 

Edit: pārrunājos. Drīzāk tur varētu likt drop table.

Edited by m8t

Share this post


Link to post
Share on other sites

Lab nesākšu jaunu tēmu :D

 

Nah man rāda Error - The field is using invalid characters.

 

Tad nesaprotu kā es varu pievienot ko datubāzei :D

Share this post


Link to post
Share on other sites

Xmas12 - kas notiks, ja es ieiešu, piemēram ?user=1' OR '1'='1 ?? Caurs ir tas tavs kods.

 

Edit: pārrunājos. Drīzāk tur varētu likt drop table.

 

ar mysql_query var izpildīt tikai vienu kvēriju.

Share this post


Link to post
Share on other sites

Kaut kā nesanāk palaist

mans config

<?php
$db_host="localhost";
$db_user="root";
$db_pass="parole";
$db_name="db";
$connection=mysql_connect($db_host, $db_user, $db_pass) or die(mysql_error());
mysql_select_db($db_name, $connection);
mysql_query("SET NAMES utf8");
?>

Kā īsti apskatīt to profilu.Neprotu ka palaist ?user=1 vai 1=1

Share this post


Link to post
Share on other sites

Pirmkārt, Tev ir izveidota datubāze?? =) (Tu ar to skriptu tai tikai pieslēdzies)

Vai Tev ir datubāzē vajadzīgie dati?? =) (piereģistrēts lietotājs)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...