I have found this problem in my teacher s notes. I should find a way to trick the database so that the checkUsernamePassword(...) function returns TRUE.
For the beginning, I have tried to simulate this problem and call the function, but I do not understand how the first param should look(I am new to databases).
checkUserPass("users.sql",",Admin","mark56"); //this throws me an error, users.sql being exported from my olready created db in phpmyadmin
function SQLFilter($username, $password){
$commands = array("AND", "OR", "DROP", "CREATE", "SELECT", "DELETE", "LIKE",
"LIMIT", "ORDER BY", "JOIN", "UNION", "INSERT", "UPDATE", "REGEXP", "WHERE",
"HAVING", "TRUNCATE", "DISTINCT");
foreach($commands as $command)
{
$username = str_ireplace($command, "", $username);
$password = str_ireplace($command, "", $password);
}
return array($username, $password);
}
function checkUsernamePassword($db, $username, $password)
{
if (!$db) {
echo "Error connecting to database.";
return false;
}
list($username, $password) = SQLFilter($username, $password);
//It is all clear until HERE
//I've tried to verify how this function work, but I cannot realise how should I call the function checkUsernamePassword (first parameter??)
$res = sqlite_query($db, "SELECT 1 FROM users WHERE username='$username' AND password='$password'", $error);
if (!$res) {
echo htmlentities($error, ENT_QUOTES);
return false;
}
$num_rows = sqlite_num_rows($res);
sqlite_close($db);
if ($num_rows==1)
return true;
return false;
}
Aucun commentaire:
Enregistrer un commentaire