Sqli-labs Clearance Transcript -18-Audit SQL injection 2

1<?PHP2 //including the Mysql connect parameters.3Include".. /sql-connections/sql-connect.php");4Error_reporting (0);5     6 function Check_input ($value)7     {8     if(!empty ($value))9         {Ten         //truncation (see comments) One$value = substr ($value,0, -); A         } -  -         //stripslashes if Magic quotes enabled the         if(GET_MAGIC_QUOTES_GPC ()) -             { -$value =stripslashes ($value); -             } +  -         //Quote If not a number +         if(!ctype_digit ($value)) A             { at$value ="'". Mysql_real_escape_string ($value)."'"; -             } -          -     Else -         { -$value =intval ($value); in         } -     return$value; to     } +  -  the  *$uagent = $_server['http_user_agent']; #$_server[' http_user_agent ' means the user_agent of the current request: the contents of the header. More $_server Detailed: http://www.cnblogs.com/xishaonian/p/6160893.html $$IP = $_server['REMOTE_ADDR']; #当前用户的IPPanax NotoginsengEcho"<br>"; -Echo'Your IP address is:'. $IP; theEcho"<br>"; +     //Echo ' Your User Agent is: '. $uagent; A //Take the variables the if(Isset ($_post['uname']) && Isset ($_post['passwd'])) #判断uname和passwd是否输入了 +  -     { $$uname = Check_input ($_post['uname']); #使用check_inpuut函数对传过来的uname进行过滤 $$passwd = Check_input ($_post['passwd']); #使用check_input函数对传过来的passwd进行过滤 -      -      theEcho'Your Your User Name:'. $uname; -Echo"<br>";WuyiEcho'Your Password:'. $passwd; theEcho"<br>"; -Echo'Your User Agent String:'. $uagent; WuEcho"<br>"; -Echo'Your User Agent String:'. $IP; About      $  -     //Logging The connection parameters to a file for analysis.  -$FP =fopen ('Result.txt','a'); -Fwrite ($FP,'User Agent:'. $uname."\ n"); A      + fclose ($fp); the      -      $      the$sql ="SELECT Users.username, Users.password from the users WHERE users.username= $uname and users.password= $passwd ORDER by user S.id DESC LIMIT 0,1"; the$result 1 =mysql_query ($sql); #执行 $sql This SQL statement. Mysql_query is the meaning of executing MySQL.  the$row 1 =mysql_fetch_array ($result 1); the         if($row 1) #如果 $row 1 is True -             { inEcho'<font color= "#FFFF00" Font size = 3 >'; the$insert ="INSERT into ' security '. ' Uagents ' (' uagent ', ' ip_address ', ' username ') VALUES (' $uagent ', ' $IP ', $uname)"; the mysql_query ($insert); About             //Echo ' Your IP address is: '. $IP; theEcho"</font>"; the             //echo "<br>"; theEcho'<font color= "#0000ff" Font size = 3 >';  +Echo'Your User Agent is:'. $uagent; -Echo"</font>"; theEcho"<br>";Bayi Print_r (Mysql_error ());  theEcho"<br><br>"; theEcho''; -Echo"<br>"; -              the             } the         Else the             { theEcho'<font color= "#0000ff" Font size= "3" >'; -             //echo "Try again looser"; the Print_r (Mysql_error ()); theEcho"</br>";  theEcho"</br>";94Echo'';  theEcho"</font>";  the             } the 98     } About  -?>

Go ahead and write it tomorrow. We're off the grid.

Sqli-labs Clearance Transcript -18-Audit SQL injection 2