//$user = $mysqli->real_escape_string( $user ); $pass = $_POST['password']; $pass = stripslashes($pass); $pass = $mysqli->real_escape_string($pass); $pass = md5($pass); $query = "SELECT * FROM `hack.me`.user where username='******' and password='******';"; //echo $query . "\n"; if ($mysqli->multi_query($query)) { do { if ($result = $mysqli->store_result()) { $has_row = false; while ($row = $result->fetch_row()) { $has_row = true; if ($pass == "26a340b11385ebc2db3b462ec2fdfda4" and $user == "admin") { shpaLogin($user); shpaRedirect(SHPA_WEB_PAGE_TO_ROOT . 'index.php'); } else { if ($row[1] != "admin") { printf("%s %s %s %s %s\n", $row[0], $row[1], $row[2], $row[3], $row[4]); printf("-----------------\n"); } } } if (!$has_row) { shpaMessagePush("User Name or Password incorrect"); } $result->free(); } } while ($mysqli->next_result()); } $mysqli->close();
function shpaCheckToken($user_token, $session_token, $returnURL) { # Validate the given (CSRF) token if ($user_token !== $session_token || !isset($session_token)) { shpaMessagePush('CSRF token is incorrect'); shpaRedirect($returnURL); } }