Differences

This shows you the differences between two versions of the page.

security [2019/01/02 11:00]
aducomadmin
security [2019/01/03 14:26] (current)
aducomadmin [SQL injection]
Line 10: Line 10:
  
 <​code>​ <​code>​
-    $app->​main_dbquery_1 -> SetQuery('​select * from phsp_user where userid=:​username and userpsw=:​password'​);​ +    $app->​main_dbquery_1->​SetQuery('​select * from phsp_user where userid=:​username and userpsw=:​password'​);​ 
-    $app->​main_dbquery_1 -> StringFieldByName(':​username',​$app->​main_edit_1->​value);​ +    $app->​main_dbquery_1->​StringFieldByName(':​username',​$app->​main_edit_1->​value);​ 
-    $app->​main_dbquery_1 -> StringFieldByName(':​password',​$app->​main_edit_2->​value);​ +    $app->​main_dbquery_1->​StringFieldByName(':​password',​$app->​main_edit_2->​value);​ 
-    $result=$app->​main_dbquery_1 -> SimpleOpen(true);​+    $result=$app->​main_dbquery_1->​SimpleOpen(true);​
 </​code>​ </​code>​
 +
  
 ===== XSS (Cross Side Scripting) ===== ===== XSS (Cross Side Scripting) =====
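Review bot: The login query in this hunk binds the raw value of main_edit_2 to `userpsw=:password`, which can only match if the userpsw column holds the password exactly as the user typed it. Since this revision only removes the spaces around `->`, it would be a good moment to change the documented pattern as well: select the row by `userid=:username` alone, then check the submitted password in PHP with password_verify() against a hash created by password_hash(), and name the needed columns instead of using `select *`. The bound parameters themselves are the right approach for the SQL injection section and should stay. Separately, the context heading below the code block reads "Cross Side Scripting"; the term is "Cross-Site Scripting".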