
23.11.2009, 14:52
Blob CMS
Sql-injection
/blogin.php
PHP код:
// Login handling for a visitor whose session does not yet carry the 'logged' key.
// NOTE(review): the raw POST values are handed to blob_check_login() unchanged; nothing in
// this excerpt validates or escapes them, so any protection has to live inside that function.
if(!isset($_SESSION['logged'])){
//This happens when they've tried to log in at least once. First, check their credentials.
$usernum = blob_check_login($_POST['buname'], $_POST['bpword']);
// NOTE(review): the attempt counter is read back from the request, so the "< 3" limit below
// is controlled by the client. A failed-login limit has to be tracked server-side
// (session or database, per account and per source address) to be effective.
$lattempt = $_POST['lattempt'];
// NOTE(review): loose "==" against the string "FAIL". The values blob_check_login() can return
// are not visible in this excerpt; a strict "===" avoids PHP's number/string type juggling.
if($lattempt < 3 && $usernum == "FAIL") {
//Whoops, wrong password. Try again.
$page['pagetitle'] = "User Login";
$lattempt++;
?>
Смотрим функцию blob_check_login(), в которую значения $_POST['buname'] и $_POST['bpword'] передаются без какой-либо проверки:
/blob.php
PHP код:
/**
 * Looks up a username/password pair in the UTABLE table.
 *
 * Both arguments arrive straight from $_POST in /blogin.php. The return value is not
 * visible in this excerpt; the caller compares it against the string "FAIL".
 *
 * SECURITY: the username is concatenated into the SQL text without escaping, which makes
 * this query injectable. The fix is a prepared statement with bound parameters (PDO or
 * mysqli) instead of string concatenation.
 */
function blob_check_login ($username, $password) {
//This function, obviously, checks a username and password pair.
// strtolower() only changes letter case; quotes and other SQL metacharacters pass through untouched.
$goodname = strtolower($username); //Yeah, I hate case-sensitive usernames. Fuck y'all.
// md5() yields a 32-character hex digest, so this value cannot break out of the quoted literal
// below. Unsalted MD5 is still unsuitable for password storage; password_hash() and
// password_verify() are the supported replacement.
$goodpass = md5($password);
// blob_connect() is defined elsewhere; presumably it opens the database connection - confirm.
blob_connect();
// Injection point: $goodname is placed inside a single-quoted SQL literal with no escaping
// and no parameter binding. In this query `bl0bdeath` is matched against the username and
// `bl0bnumber` against the MD5 digest; UTABLE is a constant defined outside this excerpt.
$query = "SELECT * FROM `" . UTABLE . "` WHERE `bl0bdeath`='" . $goodname . "' AND `bl0bnumber`='" . $goodpass . "'";
// The "@" operator suppresses errors from the call, so a failing or malformed query leaves no
// warning behind - log query failures instead. The mysql_* extension was removed in PHP 7.0.
$result = @mysql_query($query);
// (the excerpt ends here; the remainder of the function is not shown on the page)