Home > Article > Backend Development > PHP injection point construction sample code
PHP injection point construction sample code
- 怪我咯Original
- 2017-07-13 14:28:231199browse
In order to practice SQL injection operations, we can construct the injection point ourselves for testing.
PHP injection point construction example code
Save the following as Test.asp
<?
$mysql_server_name = "localhost";
$mysql_username = "root";
$mysql_password = "password";
$mysql_database = "phpzr"; //??ݿ??
$conn=mysql_connect( $mysql_server_name, $mysql_username, $mysql_password );
mysql_select_db($mysql_database,$conn);
$id=$_GET['id'];
$sql = "select username,password from admin where id=$id";
$result=mysql_db_query( $mysql_database, $sql,$conn );
$row=mysql_fetch_row($result);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Php Sql Injection Test </title>
</head>
<body>
<p align="center"><b><font color="#FF0000" size="5" face="华文行楷"> </font><font color="#FF0000" size="5" face="华文新魏">PHP
注入测试专用</font></b></p>
<table width="100%" height="25%" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><?=$row[0]?></td>
</tr>
<tr>
<td><?=$row[1]?></td>
</tr>
</table>
<p><u><font color="#0000FF">BY:孤狐浪子 QQ:393214425 </font></u></p>
<p><font color="#0000FF">Blog: Http://itpro.blog.163.com</font></p>
<p> </p>
</body>
</html>Create databaseCode: Save it as test.sql and use phpmyadmin to execute it.
##
CREATE DATABASE `phpzr` ; //创建数据库名称 CREATE TABLE admin ( id int(10) unsigned NOT NULL auto_increment, username char(10) NOT NULL default '', password char(10) NOT NULL default '', useremail char(20) NOT NULL default '', groupid int(11) NOT NULL default '0', PRIMARY KEY (id) ) TYPE=MyISAM; INSERT INTO admin VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1); INSERT INTO admin VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2); INSERT INTO admin VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3); INSERT INTO admin VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4); INSERT INTO admin VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5); CREATE TABLE admin1 ( id int(10) unsigned NOT NULL auto_increment, username char(10) NOT NULL default '', password char(10) NOT NULL default '', useremail char(20) NOT NULL default '', groupid int(11) NOT NULL default '0', PRIMARY KEY (id) ) TYPE=MyISAM; INSERT INTO admin1 VALUES (1, 'admin', 'itpro.blog.163.com','itpro@163.com', 1); INSERT INTO admin1 VALUES (2, 'admin1', 'itpro.blog.163.com','itpro@163.com', 2); INSERT INTO admin1 VALUES (3, 'admin2', 'itpro.blog.163.com','itpro@163.com', 3); INSERT INTO admin1 VALUES (4, 'admin3', 'itpro.blog.163.com','itpro@163.com', 4); INSERT INTO admin1 VALUES (5, 'admin4', 'itpro.blog.163.com','itpro@163.com', 5);
The above is the detailed content of PHP injection point construction sample code. For more information, please follow other related articles on the PHP Chinese website!
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Usage of php ini_set and ini_get functionsNext article:Usage of php ini_set and ini_get functions