Code:
<?php session_start(); ?>
<?php include("../include/config.php"); ?>
<?php
// Build the login query by concatenating the posted values directly into the SQL string
$sql="select * from libraly_user where user_username='".$_POST['use']."' and user_password='".$_POST['pwd']."'";
$rs=mysql_query($sql) or die(mysql_error());
$row=mysql_fetch_assoc($rs);
$num=mysql_num_rows($rs);
if($num>0){
    // A matching row was found: store the user in the session
    session_register("ss_use");
    session_register("ss_id");
    session_register("ss_lv");
    $_SESSION['ss_use']=$_POST['use'];
    $_SESSION['ss_lv']=$row['user_level'];
    // session_id is a function, so it must be called with parentheses
    $_SESSION['ss_id']=session_id();
    echo "<script>location.replace('index.php?pagetype=1');</script>";
}else{
    // No matching row: send the user back to the login form with an error flag
    echo "<script>location.replace('login.php?err=1');</script>";
}
?>
I've checked the $sql variable. It prints this:
select * from libraly_user where user_username='aaa' and user_password='nopwd\'or\'1\'=\'1'
This is the reason why I can't access the index page ($_POST['pwd']=nopwd\'or\'1\'=\'1).
But why? $_POST['pwd']=nopwd\'or\'1\'=\'1
If anyone knows, please tell me, and if you don't understand what I mean, you can ask me.
Thanks
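The backslashes in the printed query are consistent with PHP's magic_quotes_gpc setting (removed in PHP 5.4), which escapes quotes in every request value the same way addslashes() does. The following is an added example, not part of the original post: it reproduces that escaping and shows the same login written with a bound parameter and a hashed password, so it does not depend on automatic escaping. It assumes the pdo_sqlite extension and PHP 5.5 or later; the table and column names are taken from the post, while the in-memory database, the stored row and the login() helper are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Assumes pdo_sqlite and PHP >= 5.5.
// Table and column names come from the post; the row below is constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE libraly_user (
    user_username TEXT PRIMARY KEY,
    user_password TEXT NOT NULL,
    user_level    INTEGER NOT NULL)');
$ins = $db->prepare('INSERT INTO libraly_user VALUES (?, ?, ?)');
$ins->execute(['aaa', password_hash('correct horse', PASSWORD_DEFAULT), 1]);

// The value typed into the password field in the post, before any escaping.
$typed = "nopwd'or'1'='1";

// magic_quotes_gpc applied the equivalent of addslashes() to $_POST values,
// which is where the backslashes in the printed query come from.
echo addslashes($typed), "\n";

// Hypothetical helper: look the user up with a bound parameter, then verify
// the password hash in PHP. Input never becomes part of the SQL text.
function login(PDO $db, $user, $pwd) {
    $st = $db->prepare('SELECT user_password, user_level
                        FROM libraly_user WHERE user_username = ?');
    $st->execute([$user]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pwd, $row['user_password'])) {
        return null; // unknown user or wrong password
    }
    return ['user' => $user, 'level' => (int) $row['user_level']];
}

// The quoted string is just a wrong password, or an unknown username.
var_dump(login($db, 'aaa', $typed));
var_dump(login($db, $typed, 'anything'));
// The real password for the constructed account succeeds.
var_dump(login($db, 'aaa', 'correct horse'));
```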