sql inject

This commit is contained in:
Tim Krehan 2019-05-22 10:45:09 +02:00
parent 531c210b75
commit 6257036261

View file

@ -4,9 +4,10 @@ include $_SESSION["docroot"].'/config/config.php';
include $_SESSION["docroot"].'/php/connect.php';
include $_SESSION["docroot"].'/php/hash.php';
$query = 'SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=\''.$_POST['user'].'\';';
$result = $mysqli->query($query);
$selectQuery = $mysqli->prepare('SELECT `uid`,`username`,`password`,`salt` FROM users WHERE `username`=?;');
$selectQuery->bind_param("s", $_POST['user']);
$selectQuery->execute();
$result = $selectQuery->get_result();
if ($result->num_rows == 1)
{
@ -27,10 +28,14 @@ if ($result->num_rows == 1)
$session_expiry = date('Y-m-d H:i:s', time()+86400);
}
$mysqli->query('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (\''.$token.'\', \''.$userdetails["uid"].'\', \''.$session_expiry.'\'); ');
$insertQuery = $mysqli->prepare('INSERT INTO `sessions` (`session_id`, `user`, `expires`) VALUES (?,?,?);');
$insertQuery->bind_param("sss", $token, $userdetails["uid"], $session_expiry);
$insertQuery->execute();
}
$mysqli->query('UPDATE `users` SET `last_login` = \''.date("Y-m-d H:i:s").'\' WHERE `uid` = \''.$userdetails["uid"].'\';');
$updateQuery = $mysqli->prepare("UPDATE `users` SET `last_login` = \'".date("Y-m-d H:i:s")."\' WHERE `uid` = ?;");
$updateQuery->bind_param($userdetails["uid"]);
$updateQuery->execute();
$mysqli->close();
header("Location: ".$_POST["refurl"]);
exit(0);