12345678910111213141516 | <html><body><form id="form1" name="form1" method="post" action="login.php"><label>UserName<input name="user" type="text" id="user"/></label><br/><label>Password<input name="password" type="text" id="password"/></label><br/><label><input name="login" type="submit" id="login" value="Login"/></label></body></html> |
12345678910111213141516171819202122232425262728293031323334 | <?phpif(isset($_POST["login"])){$link = mysql_connect("localhost","root","toor") or die ("cannot connect database".mysql_error()); mysql_select_db("member") or die ("cannot select the db"); $query = "select * from user where user='".$_POST["user"]."'and password='".md5($_POST["password"])."'"; echo $query."<br/>"; $result = mysql_query($query) or die ("the query failed:".mysql_error());echo "<br/>"; $match_count = mysql_num_rows($result); if($match_count){while($row = mysql_fetch_assoc($result)){echo "<strong>User: </strong>".$row["user"]."<br/>";echo "<strong>Password: </strong>".$row["password"]."<br/>";echo "<br/>";}}else { echo "Wrong User or password <br/>"; echo '<a href="http://10.1.36.34/login.html">Back</a><br/>';} mysql_free_result($result); mysql_close($link);} |
?(2)输入用户名45a’+’b’#
”-”对应的数值为0 -0 =0,会把user对应数值为0的搜寻出来