virusdefender/sqli.php

## sqli.php
<?php
header("Content-type: text/html;charset=gbk");
define("HOST",'127.0.0.1');
define("USER",'root');
define("PASS",'testtest');
define("DB",'test');

foreach($_GET as $key => $val){
        $_GET[$key] = addslashes($val);
    }

$conn=mysql_connect(HOST,USER,PASS) or die('<center><h2>Could not connect:'.mysql_error()."</h2></center>");
mysql_select_db(DB,$conn);
mysql_query("set names 'gbk'");
$id=$_GET['id']?$_GET['id']:'1';
$sql="select * from article where id='$id'";
$result=mysql_query($sql) or die(mysql_error());
if ($result){
$row = mysql_fetch_array($result);
echo "<center><h1>".$row['content']."</h1></center>";
}
?>
	<?php
	header("Content-type: text/html;charset=gbk");
	define("HOST",'127.0.0.1');
	define("USER",'root');
	define("PASS",'testtest');
	define("DB",'test');

	foreach($_GET as $key => $val){
	$_GET[$key] = addslashes($val);
	}

	$conn=mysql_connect(HOST,USER,PASS) or die('<center><h2>Could not connect:'.mysql_error()."</h2></center>");
	mysql_select_db(DB,$conn);
	mysql_query("set names 'gbk'");
	$id=$_GET['id']?$_GET['id']:'1';
	$sql="select * from article where id='$id'";
	$result=mysql_query($sql) or die(mysql_error());
	if ($result){
	$row = mysql_fetch_array($result);
	echo "<center><h1>".$row['content']."</h1></center>";
	}
	?>