wellingtonlee/vuln.php

## vuln.php
$sql_username = "root";
$sql_password = "forensics";
$db_name = "vuln";


if (isset($_GET['username']))
{
  $username = $_GET['username'];
  $password = $_GET['password'];
}


// Create connection
$conn = new mysqli($servername, $sql_username, $sql_password, $db_name);


// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}


$sql = "select * from users WHERE user_name = '$username'";
$result = $conn->query($sql);


if($result->num_rows>0)
{
  while ($row = $result->fetch_assoc()){
    if (!strcmp($password,$row["password"]))
     {
       echo "welcome $username:";
       echo "<br/>";
       echo "you successfully login!";
     }
    else
     {
       echo "sorry $username";
       echo "<br/>";
       echo "your login credential is not correct!";
     }
  }
}
else
{
  echo "Error: username does not exists!";
}
?>
	$sql_username = "root";
	$sql_password = "forensics";
	$db_name = "vuln";


	if (isset($_GET['username']))
	{
	$username = $_GET['username'];
	$password = $_GET['password'];
	}


	// Create connection
	$conn = new mysqli($servername, $sql_username, $sql_password, $db_name);


	// Check connection
	if ($conn->connect_error) {
	die("Connection failed: " . $conn->connect_error);
	}




	$sql = "select * from users WHERE user_name = '$username'";
	$result = $conn->query($sql);


	if($result->num_rows>0)
	{
	while ($row = $result->fetch_assoc()){
	if (!strcmp($password,$row["password"]))
	{
	echo "welcome $username:";
	echo "<br/>";
	echo "you successfully login!";
	}
	else
	{
	echo "sorry $username";
	echo "<br/>";
	echo "your login credential is not correct!";
	}
	}
	}
	else
	{
	echo "Error: username does not exists!";
	}
	?>