21,893
社区成员




<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>登陆界面-SQl注入测试</title>
</head>
<body>
<form method="post" name="form1" action="loginCl.php">
<table>
<tr><td>用户名:</td><td><input type="text" name="username"/></td></tr>
<tr><td>密 码:</td><td><input type="password" name="password"/></td></tr>
<tr><td><input type="submit" value="登陆"/></td><td><input type="reset" value="重置"/></td></tr>
</table>
</form>
</body>
</html>
<?php
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$conn=mysql_connect('localhost','root','315824');
if(!$conn){
echo "数据库连接失败".mysql_error();
}
mysql_select_db('test',$conn);
$sql="select * from users where username='$username' and password='$password'";
$res=mysql_query($sql,$conn);
if( mysql_num_rows($res) != 0 ){
header("location:manageCenter.php");
}else{
echo "用户名或密码错误,<a href='login.php'>重新登陆</a>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>管理中心</title>
</head>
<body>
欢迎管理员,管理中心!
</body>
</html>