sql inject

This commit is contained in:
Tim Krehan 2019-05-22 10:45:09 +02:00
parent 531c210b75
commit 6257036261


@ -4,9 +4,10 @@ include $_SESSION["docroot"].'/config/config.php';
include $_SESSION["docroot"].'/php/connect.php'; include $_SESSION["docroot"].'/php/connect.php';
include $_SESSION["docroot"].'/php/hash.php'; include $_SESSION["docroot"].'/php/hash.php';
$selectQuery = $mysqli->prepare('SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=?;');
$query = 'SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=\''.$_POST['user'].'\';'; $selectQuery->bind_param("s", $_POST['user']);
$result = $mysqli->query($query); $selectQuery->execute();
$result = $selectQuery->get_result();
if ($result->num_rows == 1) if ($result->num_rows == 1)
{ {
@ -27,13 +28,17 @@ if ($result->num_rows == 1)
$session_expiry = date('Y-m-d H:i:s', time()+86400); $session_expiry = date('Y-m-d H:i:s', time()+86400);
} }
$mysqli->query('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (\''.$token.'\', \''.$userdetails["uid"].'\', \''.$session_expiry.'\'); '); $insertQuery = $mysqli->prepare('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (?,?,?);');
$insertQuery->bind_param("sss", $token, $userdetails["uid"], $session_expiry);
$insertQuery->execute();
} }
$mysqli->query('UPDATE `users` SET `last_login` = \''.date("Y-m-d H:i:s").'\' WHERE `uid` = \''.$userdetails["uid"].'\';'); $updateQuery = $mysqli->prepare("UPDATE `users` SET `last_login` = \'".date("Y-m-d H:i:s")."\' WHERE `uid` = ?;");
$mysqli->close(); $updateQuery->bind_param($userdetails["uid"]);
header("Location: ".$_POST["refurl"]); $updateQuery->execute();
exit(0); $mysqli->close();
header("Location: ".$_POST["refurl"]);
exit(0);
} }
else else
{ {
@ -41,4 +46,4 @@ else
header("Location: /"); header("Location: /");
exit(1); exit(1);
} }
?> ?>
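Review bot: The rewritten last_login update in the second hunk does not work on the new side: `$updateQuery->bind_param($userdetails["uid"]);` omits the mandatory types string as its first argument, and `\'` inside a double-quoted PHP string keeps the backslash, so the statement text reaches MySQL as `last_login = \'…\'` and prepare() fails before bind_param is even reached. Bind the timestamp too instead of splicing it into the SQL, keeping the identifier quoting used in the hunk: `$updateQuery = $mysqli->prepare('UPDATE users SET last_login = ? WHERE uid = ?;');`, `$lastLogin = date("Y-m-d H:i:s");`, `$updateQuery->bind_param("ss", $lastLogin, $userdetails["uid"]);` (the "ss" matches the type used for uid in the sessions insert). None of the new prepare()/execute() calls in the three hunks check their return value, so a failed prepare surfaces as a method call on false rather than as a handled error; at minimum guard with `$stmt === false` or enable mysqli exception reporting. The enclosing if/else starts before the first hunk shown.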