<?php const DVWA_WEB_PAGE_TO_ROOT = ''; require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php'; dvwaPageStartup(array('phpids')); if (!dvwaIsLoggedIn()) { // The user shouldn't even be on this page //dvwaMessagePush( "You were not logged in" ); dvwaRedirect('login.php'); } dvwaLogout(); dvwaMessagePush("You have logged out"); dvwaRedirect('login.php');
function dvwaDatabaseConnect() { global $_DVWA; global $DBMS; //global $DBMS_connError; global $db; if ($DBMS == 'MySQL') { if (!@mysql_connect($_DVWA['db_server'], $_DVWA['db_user'], $_DVWA['db_password']) || !@mysql_select_db($_DVWA['db_database'])) { //die( $DBMS_connError ); dvwaLogout(); dvwaMessagePush('Unable to connect to the database.<br />' . $DBMS_errorFunc); dvwaRedirect(DVWA_WEB_PAGE_TO_ROOT . 'setup.php'); } // MySQL PDO Prepared Statements (for impossible levels) $db = new PDO('mysql:host=' . $_DVWA['db_server'] . ';dbname=' . $_DVWA['db_database'] . ';charset=utf8', $_DVWA['db_user'], $_DVWA['db_password']); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); } elseif ($DBMS == 'PGSQL') { //$dbconn = pg_connect("host={$_DVWA[ 'db_server' ]} dbname={$_DVWA[ 'db_database' ]} user={$_DVWA[ 'db_user' ]} password={$_DVWA[ 'db_password' ])}" //or die( $DBMS_connError ); dvwaMessagePush('PostgreSQL is not yet fully supported.'); dvwaPageReload(); } else { die("Unknown {$DBMS} selected."); } }