SQL Injection

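<?php
// Login handler: looks up a MyGuests row by e-mail + password hash and reports
// the result. $servername, $username, $password, $dbname and _log() are
// expected to come from db.php (not visible here).
include_once('db.php');

if (isset($_POST['email']) && isset($_POST['password'])) {

    // Log the request without the submitted credentials: logging the whole
    // $_POST array would write the plaintext password into the log.
    _log(__FILE__, ['email' => $_POST['email']]);

    $email = $_POST['email'];
    // NOTE(review): unsalted SHA-256 is kept because that is what the stored
    // password column is compared against; moving to password_hash()/
    // password_verify() requires re-hashing the stored values first.
    $pwd = hash('sha256', $_POST['password']);

    $firstname = '';
    $lastname = '';
    $logged_in = false;

    // new mysqli() always yields an object, so the old `if($conn = new mysqli(...))`
    // never detected a failed connection; check connect_errno instead
    // (PHP >= 8.1 additionally throws mysqli_sql_exception by default).
    $conn = new mysqli($servername, $username, $password, $dbname);
    if ($conn->connect_errno === 0) {
        // Prepared statement with bound parameters: the user-supplied values are
        // sent separately from the SQL text, so quote characters in the input
        // cannot change the query structure. This replaces
        // mysqli_real_escape_string(), which only escapes for the connection's
        // current charset and still leaves the value inside the SQL string.
        $sql = 'SELECT firstname, lastname FROM MyGuests WHERE email = ? AND password = ?';
        // The logged text is now the parameterised template only (no hash, no input).
        _log(__FILE__, $sql);
        if ($stmt = $conn->prepare($sql)) {
            $stmt->bind_param('ss', $email, $pwd);
            if ($stmt->execute()) {
                // bind_result writes every fetched row into these variables, so as
                // in the original loop the last matching row wins.
                $stmt->bind_result($firstname, $lastname);
                while ($stmt->fetch()) {
                    $logged_in = true;
                }
            }
            $stmt->close();
        }
        $conn->close();
    }

    if ($logged_in) {
        // Names come from the database; escape them before echoing into HTML.
        $safeFirst = htmlspecialchars($firstname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $safeLast = htmlspecialchars($lastname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<strong>Logged in as $safeFirst $safeLast</strong>";
    } else {
        echo '<strong>Login attempt failed</strong>';
    }
}

?>

<form action="login.php" method="POST">
    <p>E-Mail: <input name="email" /></p>
    <!-- type="password" keeps the browser from displaying the typed value -->
    <p>Password: <input type="password" name="password" /></p>
    <input type="submit" />
</form>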
$email = mysqli_real_escape_string($conn, $email);
SQL Injection
ostfeld@uniplus.de' OR '1'='1
