02.07.2013, 00:19
|
|
Новичок
Регистрация: 09.04.2005
Сообщений: 29
С нами:
11099185
Репутация:
17
|
|
как сделать SQL INJ ?
PHP код:
[COLOR="#000000"][COLOR="#0000BB"][/COLOR][COLOR="#007700"]include[/COLOR][COLOR="#DD0000"]"config.php"[/COLOR][COLOR="#007700"];
include[/COLOR][COLOR="#DD0000"]"functions.php"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_connect[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$sms_hostname[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$sms_username[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$sms_password[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$select[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_select_db[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$sms_database[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$_SERVER[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'REMOTE_ADDR'[/COLOR][COLOR="#007700"]];
[/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#007700"]= ([/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'c'[/COLOR][COLOR="#007700"]]);
[/COLOR][COLOR="#0000BB"]$p[/COLOR][COLOR="#007700"]= ([/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'p'[/COLOR][COLOR="#007700"]]);
[/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]= ([/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'ingame'[/COLOR][COLOR="#007700"]]);
if([/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]!=[/COLOR][COLOR="#0000BB"]1[/COLOR][COLOR="#007700"]){
[/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]0[/COLOR][COLOR="#007700"];
}
[/COLOR][COLOR="#0000BB"]$page[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$_SERVER[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'QUERY_STRING'[/COLOR][COLOR="#007700"]];
if([/COLOR][COLOR="#0000BB"]$p[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"atgauti"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"Paslaugu Grazinimas
table.sarasas {
font-size:12px;
}
Paslaugu Grazinimas
"[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]"Paslaugos susigrazinimo forma pagal savo sena IP (Internet Protocol),
numeri (is kurio paskutini karta uzsisakete paslauga),
data (kada paskutini karta pirkote paslauga).
"[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]"
Senas IP:
Numeris:
Naujas IP:
Kada uzsisakete VIP, ADMIN..:
* Viska butina teisingai uzpildyti - Kitaip neatgausi paslaugos!
"[/COLOR][COLOR="#007700"];
}else if([/COLOR][COLOR="#0000BB"]$p[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"unban"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"Unban
Unban
"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_connect[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$amxbans_hostname[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$amxbans_username[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$amxbans_password[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$select[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_select_db[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$amxbans_database[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT bid FROM amx_bans"[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$rows[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_num_rows[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$result[/COLOR][COLOR="#007700"]);
echo[/COLOR][COLOR="#DD0000"]"Bans in database: "[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$rows[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"
IP address - "[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM amx_bans WHERE player_ip = '[/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#DD0000"]' LIMIT 1"[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_array[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]MYSQL_ASSOC[/COLOR][COLOR="#007700"]);
if(![/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"]) {
echo[/COLOR][COLOR="#DD0000"]"Status: Not banned.
"[/COLOR][COLOR="#007700"];
} else {
echo[/COLOR][COLOR="#DD0000"]"Status: You have been banned!
Reason: [/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]ban_reason[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]
"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_connect[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$sms_hostname[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$sms_username[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$sms_password[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$select[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_select_db[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$sms_database[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]$connect[/COLOR][COLOR="#007700"]) or die([/COLOR][COLOR="#0000BB"]mysql_error[/COLOR][COLOR="#007700"]());
[/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM ebank WHERE `mod` = 'unban' LIMIT 1"[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_array[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]MYSQL_ASSOC[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$price[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]unban[/COLOR][COLOR="#007700"]]=[/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'price'[/COLOR][COLOR="#007700"]]/[/COLOR][COLOR="#0000BB"]1000[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]"Unban Price:[/COLOR][COLOR="#0000BB"]$price[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]unban[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]LTL
"[/COLOR][COLOR="#007700"];
}
}else if([/COLOR][COLOR="#0000BB"]$p[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"specadmin"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"SPECADMIN order on IP
SPECADMIN order on IP
"[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]" "[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM sms1 WHERE `mod` = 'specadmin' ORDER BY id"[/COLOR][COLOR="#007700"]);
while ([/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_assoc[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]) )
{
echo[/COLOR][COLOR="#DD0000"]" "[/COLOR][COLOR="#007700"];
}
[/COLOR][COLOR="#0000BB"]$r2[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM sms1 WHERE `mod` = 'specadmin' AND `country` = '[/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#DD0000"]'"[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_array[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r2[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]MYSQL_ASSOC[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$r3[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM amx_amxadmins WHERE `username` = '[/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#DD0000"]'"[/COLOR][COLOR="#007700"]);
[/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_array[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r3[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#0000BB"]MYSQL_ASSOC[/COLOR][COLOR="#007700"]);
if(![/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"]){
if([/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"]){
if([/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]access[/COLOR][COLOR="#007700"]] ==[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#0000BB"]$vip_access[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"
Your VIP end at [/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]timeleft[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"];
}else if([/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]access[/COLOR][COLOR="#007700"]] ==[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#0000BB"]$admin_access[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"
Your ADMIN end at [/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]timeleft[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"];
}else if([/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]access[/COLOR][COLOR="#007700"]] ==[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#0000BB"]$specadmin_access[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"
Your SPECVIP end at [/COLOR][COLOR="#0000BB"]$row3[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]timeleft[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"];
}
}
echo[/COLOR][COLOR="#DD0000"]"
Choose your country to order SPECADMIN on IP."[/COLOR][COLOR="#007700"];
die;
}
echo[/COLOR][COLOR="#DD0000"]"
[/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#DD0000"]"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$price[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]price[/COLOR][COLOR="#007700"]]/[/COLOR][COLOR="#0000BB"]100[/COLOR][COLOR="#007700"];
if([/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"Lietuva"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"Apmokejimas padidinto tarifo SMS zinutemis:
Siuskite zinute su tekstu: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]keyword[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"][/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#DD0000"] numeriu: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]number[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"] Kaina[/COLOR][COLOR="#0000BB"]$price$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]currency[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]/[/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]days[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]Dienu.
Kai nusiusite SMS zinute iskart po atsakymo SPECADMIN bus automatiskai aktivuotas!
"[/COLOR][COLOR="#007700"];
[/COLOR][COLOR="#0000BB"]$specadmin_900[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]price[/COLOR][COLOR="#007700"]] =[/COLOR][COLOR="#0000BB"]$specadmin_900[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]price[/COLOR][COLOR="#007700"]]/[/COLOR][COLOR="#0000BB"]100[/COLOR][COLOR="#007700"];
if([/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]!=[/COLOR][COLOR="#DD0000"]"1"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"
Ka gauni budamas SPECADMIN?
"[/COLOR][COLOR="#007700"];
}else{ echo[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"]; echo[/COLOR][COLOR="#DD0000"]"
Ka gauni budamas SPECADMIN?
"[/COLOR][COLOR="#007700"]; }
}elseif([/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"Russia"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#DD0000"]"Оплата с помощью СМС:
Отправте SMS сообщение: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]keyword[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"][/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#DD0000"] на номер: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]number[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"] цена[/COLOR][COLOR="#0000BB"]$price$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]currency[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]/[/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]days[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]дней.
После получения ответного СМС сообщения SPECADMIN будет активирован!"[/COLOR][COLOR="#007700"];
if([/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]!=[/COLOR][COLOR="#DD0000"]"1"[/COLOR][COLOR="#007700"]){
[/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM ebank WHERE `mod` = 'specadmin' ORDER BY price"[/COLOR][COLOR="#007700"]);
echo[/COLOR][COLOR="#DD0000"]"
Оплата через индивидуалные платежные системы:
Выберети SPECADMIN продолжительность:
"[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"];
while([/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_fetch_assoc[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]))
{
[/COLOR][COLOR="#0000BB"]$price[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'price'[/COLOR][COLOR="#007700"]]/[/COLOR][COLOR="#0000BB"]100[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]' '[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$row[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'days'[/COLOR][COLOR="#007700"]].[/COLOR][COLOR="#DD0000"]' дней. - '[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#0000BB"]$price[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]' LTL'[/COLOR][COLOR="#007700"];
}
echo[/COLOR][COLOR="#DD0000"]""[/COLOR][COLOR="#007700"];
echo[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"];
}else{ echo[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"]; }
echo[/COLOR][COLOR="#DD0000"]"
Что я получу став SPECADMIN'ом?
"[/COLOR][COLOR="#007700"];
}else{
echo[/COLOR][COLOR="#DD0000"]"Payment using SMS:
Send messages with text: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]keyword[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"][/COLOR][COLOR="#0000BB"]$ip[/COLOR][COLOR="#DD0000"] to number: [/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]number[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"] Price[/COLOR][COLOR="#0000BB"]$price$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]currency[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]/[/COLOR][COLOR="#0000BB"]$row2[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#0000BB"]days[/COLOR][COLOR="#007700"]][/COLOR][COLOR="#DD0000"]Days.
When uploading SMS messages immediately after the response SPECADMIN will be automatically activated!
"[/COLOR][COLOR="#007700"];
if([/COLOR][COLOR="#0000BB"]$ingame[/COLOR][COLOR="#007700"]!=[/COLOR][COLOR="#DD0000"]"1"[/COLOR][COLOR="#007700"]){
[/COLOR][COLOR="#0000BB"]$r[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]mysql_query[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#DD0000"]"SELECT * FROM ebank WHERE `mod` = 'specadmin' ORDER BY price"[/COLOR][COLOR="#007700"]);
echo[/COLOR][COLOR="#DD0000"]"
What you get as a SPECADMIN?
"[/COLOR][COLOR="#007700"];
}else{ echo[/COLOR][COLOR="#DD0000"]"
"[/COLOR][COLOR="#007700"]; echo[/COLOR][COLOR="#DD0000"]"
What you get as a SPECADMIN?
"[/COLOR][COLOR="#007700"]; }
}
if([/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"Lietuva"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#0000BB"]$specadmin_web_access_lt[/COLOR][COLOR="#007700"];
}elseif([/COLOR][COLOR="#0000BB"]$c[/COLOR][COLOR="#007700"]==[/COLOR][COLOR="#DD0000"]"Russia"[/COLOR][COLOR="#007700"]){
echo[/COLOR][COLOR="#0000BB"]$specadmin_web_access_ru[/COLOR][COLOR="#007700"];
}else{
echo[/COLOR][COLOR="#0000BB"]$specadmin_web_access[/COLOR][COLOR="#007700"];
}
[/COLOR][/COLOR]
|
|
|
03.07.2013, 18:59
|
|
Участник форума
Регистрация: 01.12.2011
Сообщений: 120
С нами:
7604246
Репутация:
55
|
|
script.php?p=specadmin&c=1'+union+select+1,2,over doxya,4--+
Про овер дохуя колонок - это сколько их там в таблице sms1, я хз.
В какой колонке будет вывод хз, но ищи гдето в исходнике, в ссылке.
Ну и почитай про иньекции в MySQL, ибо чуствую не поймешь нифига.
|
|
|
|
|
 |
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Комбинированный вид
