Question: How can I make a SQL Injection for the following: (This is a login page) Login

How can I make a SQL Injection for the following:

(This is a login page)

$servername = "localhost";

$username = "root";

$password = "";

$dbname = "firstprojectdatabase";

// connection

$conn = mysqli_connect($servername, $username, $password, $dbname);

// Check connection

if (mysqli_connect_error()) {

die("Database connection failed: " . mysqli_connect_error());

}

if ($_POST){

$uname = $_POST["username"];

$pass = $_POST["password"];

$sql = "SELECT * FROM firsttable WHERE username = '$uname' AND password = '$pass'";

$result = mysqli_query($conn, $sql);

if(mysqli_num_rows($result)==1){

echo "WELCOME!";

} else {

echo "Incorrect password or username";

}

}

?>

Login

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Project: SQL Injection Vulnerabilities and Prevention in a Login System Objective: The purpose of this project is to help you understand SQL injection vulnerabilities and how to protect a login...

Q:

SQL Injection AttacksImplement two different web sites having login pages with the following difference: 1 . In the first one, SQLi attacks should be possible . 2 . In the second one, prevent SQLi...

Q:

Project objective: As a Full Stack Developer, design and develop an airline booking portal named as FlyAway. Use the GitHub repository to manage the project artifacts. Background of the problem...

Q:

I listed the codes for the following project below. The Login page loads normally; when I input the correct username and password in the Members page, it doesn't take me to "Welcome to the Members...

Q:

Need an er diagram for virtual grocery system with the following functions included: 1. Login page( username, password, forget password button) 2. Add product page 3. Make purchases page (show...

Q:

Using HTML, CSS and JavaScript Create the following: 1. Create a login page and Accounts Page: (this part has been done) 2. When the user logs in, take them to the accounts page, and also add an...

Q:

KINDLY SOLVE THIS USING PHP AND SQL. In this project, you and your team will build a showroon managenent systen using PHP and a SQL- database that allons users to create, read, update, and delete...

Q:

13.The web pages shown in the "Login_Search.jpg" file given in the resource folder are from online used parts selling website. You have identified that there are SQL injection vulnerabilities in...

Q:

How do I make a prepared statement with variable binding (aka parameterized queries) for the below code application? I have accessed SQL Injection Prevention Cheat Sheet...

Q:

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

Q:

K Beginning in January, a person plans to deposit $1 at the end of each month into an account earning 3% compounded monthly. Each year taxes must be paid on the interest earned during that year. Find...

Q:

Repeat Exercise for the 20082009 NFL seasons. In exercise, the practitioner also recorded the average away attendance for each team in the 2012 season. Because visiting teams take a share of the...

Q:

6. On a production possibilities curve, a change from economic inefficiency to economic efficiency is obtained by a. movement along the curve. b. movement from a point outside the curve to a point on...

Q:

Suppose a stock had an initial price of $68 per share, paid a dividend of $2.00 per share during the year, and had an ending share price of $80. Compute the percentage total return. (Do not round...

Q:

Explain the relationship among findings, conclusions, and recommendations. (Objective 3 )

Q:

Why is the choice of format important with a formal report? (Objective 5)

Q:

What factors should be considered when formatting a written report? (Objective 5)