FriLL
07.02.2018, 14:32
Взгляните пожалуйста на код
Переменные $fla_ads_username и $fla_ads_password не имеют фильтрации
Но попытки из серии admin') OR 1=1+--+ успеха не приносят
PHP:
functionfla_ads_Login()
{
global$fla_ads_tbl_clients;
global$fla_ads_username,$fla_ads_password, $fla_ads_cookiecheck;
global$strPasswordWrong;
global$session_id;
//echo $fla_ads_username."
";
if (fla_ads_SuppliedCredentials())
{
if ($session_id!=$fla_ads_cookiec heck)
{
// Cookiecheck failed
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen("You need to enable cookies before you can use Flapoint Ads",$session_id);
}
// HEmtemp
if (fla_ads_isAdmin($fla_ads_username,$fla_ads_pa ssword))
{
// User is Administrator
return (array ("usertype"=>fla_ads_Admin,
"loggedin"=>"true",
"username"=>$fla_ads_username,
"password"=>$fla_ads_password,
"stats_compact"=>"false",
"stats_view"=>"all",
"stats_order"=>"banner_id")
);
}
else
{
$query="SELECT client_id,permissions,language FROM$fla_a ds_tbl_clientsWHERE (BINARY client_user_name = BINARY '$fla_ads_username') AND (BINARY clien t_password = BINARY '$fla_ads_password')";
$res=db_query($query) ormysql_die();
////echo $query;
////echo "#" . mysql_num_rows($res) . "#";
////exit;
if (mysql_num_rows($res) >0&&$fla_ads_username!=""&&$fla_ads_password!="")
{
// User found with correct password
$row=mysql_fetch_array($res);
return (array ("usertype"=>fla_ads_Client,
"loggedin"=>"true",
"username"=>$fla_ads_username,
"password"=>$fla_ads_password,
"client_id"=>$row['client_id'],
"permissions"=>$row['permissions'],
"language"=>$row['language'],
"stats_compact"=>"false",
"stats_view"=>"all",
"stats_order"=>"banner_id")
);
}
else
{
// Password is not correct or user is not k nown
// Set the session ID now, some server do n ot support setting a cookie during a redire ct
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen($strPasswordWrong,$session_id) ;
}
}
}
else
{
// User has not supplied credentials yet
// Set the session ID now, some server do n ot support setting a cookie during a redire ct
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen('',$session_id);
}
}
Переменные $fla_ads_username и $fla_ads_password не имеют фильтрации
Но попытки из серии admin') OR 1=1+--+ успеха не приносят
PHP:
functionfla_ads_Login()
{
global$fla_ads_tbl_clients;
global$fla_ads_username,$fla_ads_password, $fla_ads_cookiecheck;
global$strPasswordWrong;
global$session_id;
//echo $fla_ads_username."
";
if (fla_ads_SuppliedCredentials())
{
if ($session_id!=$fla_ads_cookiec heck)
{
// Cookiecheck failed
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen("You need to enable cookies before you can use Flapoint Ads",$session_id);
}
// HEmtemp
if (fla_ads_isAdmin($fla_ads_username,$fla_ads_pa ssword))
{
// User is Administrator
return (array ("usertype"=>fla_ads_Admin,
"loggedin"=>"true",
"username"=>$fla_ads_username,
"password"=>$fla_ads_password,
"stats_compact"=>"false",
"stats_view"=>"all",
"stats_order"=>"banner_id")
);
}
else
{
$query="SELECT client_id,permissions,language FROM$fla_a ds_tbl_clientsWHERE (BINARY client_user_name = BINARY '$fla_ads_username') AND (BINARY clien t_password = BINARY '$fla_ads_password')";
$res=db_query($query) ormysql_die();
////echo $query;
////echo "#" . mysql_num_rows($res) . "#";
////exit;
if (mysql_num_rows($res) >0&&$fla_ads_username!=""&&$fla_ads_password!="")
{
// User found with correct password
$row=mysql_fetch_array($res);
return (array ("usertype"=>fla_ads_Client,
"loggedin"=>"true",
"username"=>$fla_ads_username,
"password"=>$fla_ads_password,
"client_id"=>$row['client_id'],
"permissions"=>$row['permissions'],
"language"=>$row['language'],
"stats_compact"=>"false",
"stats_view"=>"all",
"stats_order"=>"banner_id")
);
}
else
{
// Password is not correct or user is not k nown
// Set the session ID now, some server do n ot support setting a cookie during a redire ct
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen($strPasswordWrong,$session_id) ;
}
}
}
else
{
// User has not supplied credentials yet
// Set the session ID now, some server do n ot support setting a cookie during a redire ct
$session_id=fla_ads_SessionStart();
fla_ads_LoginScreen('',$session_id);
}
}