first commit
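--- a/thinkphp/in-sqlinjection/www/controller/Index.php
+++ b/thinkphp/in-sqlinjection/www/controller/Index.php
@@ -0,0 +1,17 @@
+<?php
+namespace app\index\controller;
+
+use app\index\model\User;
+
+class Index
+{
+public function index()
+{
+$ids = input('ids/a');
+$t = new User();
+$result = $t->where('id', 'in', $ids)->select();
+foreach($result as $row) {
+echo "<p>Hello, {$row['username']}</p>";
+}
+}
+}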
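Review bot: `index()` passes the request array from `input('ids/a')` straight into `where('id', 'in', $ids)` with neither its keys nor its values constrained, and then echoes `username` into HTML unescaped. Given the `in-sqlinjection` directory name this is presumably the lab's deliberate flaw, so what is missing is a comment saying so, e.g. `// Intentionally vulnerable lab code: a request-controlled array reaches the IN clause unvalidated; do not reuse.` above the `input()` call. Code meant for real use would normalise first with `$ids = array_map('intval', array_values((array) $ids));` and print through `htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8')`.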
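--- a/thinkphp/in-sqlinjection/www/database.php
+++ b/thinkphp/in-sqlinjection/www/database.php
@@ -0,0 +1,51 @@
+<?php
+// +----------------------------------------------------------------------
+// | ThinkPHP [ WE CAN DO IT JUST THINK ]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2006~2016 http://thinkphp.cn All rights reserved.
+// +----------------------------------------------------------------------
+// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
+// +----------------------------------------------------------------------
+// | Author: liu21st <liu21st@gmail.com>
+// +----------------------------------------------------------------------
+
+return [
+// 数据库类型
+'type' => 'mysql',
+// 服务器地址
+'hostname' => 'mysql',
+// 数据库名
+'database' => 'cat',
+// 用户名
+'username' => 'root',
+// 密码
+'password' => 'root',
+// 端口
+'hostport' => '',
+// 连接dsn
+'dsn' => '',
+// 数据库连接参数
+'params' => [],
+// 数据库编码默认采用utf8
+'charset' => 'utf8',
+// 数据库表前缀
+'prefix' => '',
+// 数据库调试模式
+'debug' => true,
+// 数据库部署方式:0 集中式(单一服务器),1 分布式(主从服务器)
+'deploy' => 0,
+// 数据库读写是否分离 主从式有效
+'rw_separate' => false,
+// 读写分离后 主服务器数量
+'master_num' => 1,
+// 指定从服务器序号
+'slave_no' => '',
+// 是否严格检查字段是否存在
+'fields_strict' => true,
+// 数据集返回类型 array 数组 collection Collection对象
+'resultset_type' => 'array',
+// 是否自动写入时间戳字段
+'auto_timestamp' => false,
+// 是否需要进行SQL性能分析
+'sql_explain' => false,
+];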
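Review bot: The connection settings pair `'username' => 'root'` with `'password' => 'root'` and leave `'debug' => true`, so any query flaw in the application runs with full server privileges and, presumably, database errors are reported in detail. If this is intended for the lab, a header comment such as `// Lab-only configuration: root credentials and debug output are deliberate; never deploy.` would make that explicit. Outside the lab, a dedicated account limited to SELECT on the `cat` database's `user` table, together with `'debug' => false`, would contain the impact.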
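--- a/thinkphp/in-sqlinjection/www/init.sql
+++ b/thinkphp/in-sqlinjection/www/init.sql
@@ -0,0 +1,13 @@
+USE `cat`;
+
+CREATE TABLE IF NOT EXISTS `user` (
+`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+`username` varchar(255) NOT NULL,
+`password` varchar(255) NOT NULL,
+PRIMARY KEY (`id`)
+) AUTO_INCREMENT=1 ;
+
+INSERT INTO `user` (`username`, `password`) VALUES
+('admin', 'admin');
+INSERT INTO `user` (`username`, `password`) VALUES
+('test', 'test');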
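Review bot: The `password` column is a plain `varchar(255)` and both seed rows store the password as readable text identical to the username (`'admin'`, `'test'`), so anything able to read the table obtains working credentials. For a lab fixture, add a comment like `-- Lab fixture: plaintext demo credentials, do not reuse this schema.` above `CREATE TABLE`. A schema meant for real use would store the output of PHP's `password_hash()` rather than the password itself.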
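--- a/thinkphp/in-sqlinjection/www/model/User.php
+++ b/thinkphp/in-sqlinjection/www/model/User.php
@@ -0,0 +1,9 @@
+<?php
+namespace app\index\model;
+
+use think\Model;
+
+class User extends Model
+{
+protected $table = 'user';
+}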