Jump to content
php.lv forumi

Piev skripts


drellout

Recommended Posts

Izveidoju piev skriptu, gribetos ar jums pakonsulteties ko vajag ieverot kad veido shadu skriptu

<html><body>
<script LANGUAGE=JAVASCRIPT>
function verify(){
      msg = "Do you want to continiu ?"
      return confirm(msg);
}
</SCRIPT>
<?
include ("includes/config.php");
if($ip == "83........."){
echo "Tu edito sidebar_one ! <br>
<form action='?page=add_sidebar_one' onSubmit='return verify()' method='post'>
Bloka nosaukums: <input type='text' name='title' />
Bloka links: <input type='text' name='file' />
<input type='submit' value= 'Pievienot sidebar_one'/>
</form>";} 
else {
echo "Jums nav pieeja pievienot blokus";}
?>
</body></html>

Ar to $ip = 83.... ir tikai pagaidam, kamer nav datubaze ar useriem

<?php
include ("includes/config.php");
$sql="INSERT INTO sidebar_one (title, file)
VALUES
('$_POST[title]','$_POST[file]')";

if (!mysql_query($sql))
 {
 die('Error: ' . mysql_error());
 }
echo "1 sidebar added";
?> 

Jautajumi tadi vai shis ir drosh pret hakeriem ? Ja nav droshi butu labi ja paaraditu kljudas, vai iedotu kadu labaku ideju :) Un kaa var apvienot visu kopaa ? Lai nebutu 2 php faili

Link to comment
Share on other sites

('$_POST[title]','$_POST[file]')

 

Šis vien parāda, ka tu vnk uzprasies uz injekciju!!!!

Uzliec mysql_string_escape() (man liekas, ka šitā bija, nevaru uz sitienu atcerēties)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...