sql inject

2024-11-23 22:30:41 +01:00 · 2019-05-22 10:45:09 +02:00 · 2019-05-22 10:45:09 +02:00 · 6257036261
commit 6257036261
parent 531c210b75
1 changed files with 14 additions and 9 deletions
--- a/php/login.php
+++ b/php/login.php
@ -4,9 +4,10 @@ include $_SESSION["docroot"].'/config/config.php';
 include $_SESSION["docroot"].'/php/connect.php';
 include $_SESSION["docroot"].'/php/hash.php';

-
-$query = 'SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=\''.$_POST['user'].'\';';
-$result = $mysqli->query($query);
+$selectQuery = $mysqli->prepare('SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=?;');
+$selectQuery->bind_param("s", $_POST['user']);
+$selectQuery->execute();
+$result = $selectQuery->get_result();

 if ($result->num_rows == 1)
 {
@ -27,13 +28,17 @@ if ($result->num_rows == 1)
      $session_expiry = date('Y-m-d H:i:s', time()+86400);
    }

-    $mysqli->query('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (\''.$token.'\', \''.$userdetails["uid"].'\', \''.$session_expiry.'\'); ');
+    $insertQuery = $mysqli->prepare('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (?,?,?);');
+    $insertQuery->bind_param("sss", $token, $userdetails["uid"], $session_expiry);
+    $insertQuery->execute();

  }
-    $mysqli->query('UPDATE `users` SET `last_login` = \''.date("Y-m-d H:i:s").'\'  WHERE `uid` = \''.$userdetails["uid"].'\';');
-    $mysqli->close();
-    header("Location: ".$_POST["refurl"]);
-    exit(0);
+  $updateQuery = $mysqli->prepare("UPDATE `users` SET `last_login` = \'".date("Y-m-d H:i:s")."\'  WHERE `uid` = ?;");
+  $updateQuery->bind_param($userdetails["uid"]);
+  $updateQuery->execute();
+  $mysqli->close();
+  header("Location: ".$_POST["refurl"]);
+  exit(0);
 }
 else
 {
@ -41,4 +46,4 @@ else
  header("Location: /");
  exit(1);
 }
-?>
+?>