0

I have a problem with my code and the input `'=''or'`:

<?php
session_start();

$connect = mysqli_connect($host, $user, $password, $database);

if (isset($_POST["sub"])) {
    $userr = $_POST["username"];
    $passs = $_POST["password"];
    $password = hash('sha256', $passs);
    // $userr is interpolated straight into the SQL text, so a username such as
    // '=''or' rewrites the WHERE clause instead of being compared as a value
    $query = "select * from user WHERE username='$userr' AND password='$password'";

    $run = mysqli_query($connect, $query);

    if (mysqli_num_rows($run))
    {
        $_SESSION['username'] = $userr;
        header("Location: index.php");
        exit;
    }
    else {
        $pri = '<center><br/> error </center>';
    }
}
mysqli_close($connect);

So when anyone does a bypass using `'=''or'`, it goes to index.php.

I really don't know how to fix it.

Sulaiman
  • Yeah, you should NOT use `$userr` directly in your query. The bypass is called SQL injection. Use prepared statements or at least escape your input. – jh1711 Nov 04 '17 at 00:08

1 Answer

1

Just properly escape the $userr and $password variables for use in the SQL statement, like this:

 $query = "select * from user WHERE username='" . mysqli_real_escape_string($connect, $userr) . "' AND password='" . mysqli_real_escape_string($connect, $password) . "'";

You can look up "php mysqli sql injection" for more information.

edgars
  • Read the manual http://php.net/manual/en/mysqli.real-escape-string.php then you can adjust your answer accordingly. What you posted will not work. I can't see why your answer was accepted, let alone upvoted. Sorry, but that's just the simple truth of the matter. – Funk Forty Niner Nov 04 '17 at 00:38
  • Thanks, fixed mysqli_real_escape_string parameters. – edgars Nov 04 '17 at 18:37
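The prepared-statement version that the comment above recommends, as an added example (not the asker's or the answerer's code). It assumes the same `user` table with `username` and `password` columns, the same connection variables and the same sha256 hashing of the submitted password as in the question.

```php
<?php
// Added example: the login check from the question rewritten with a mysqli
// prepared statement. User input travels as bound parameters, so it can never
// change the SQL text. Assumes the question's `user` table and variables.
session_start();

$connect = mysqli_connect($host, $user, $password, $database);
if (!$connect) {
    exit('database connection failed');
}

if (isset($_POST['sub'])) {
    $userr  = $_POST['username'];
    $passs  = $_POST['password'];
    $hashed = hash('sha256', $passs);   // same scheme as the question

    // Placeholders instead of interpolation: the input '=''or' is compared
    // literally against the username column and simply matches nothing.
    $stmt = mysqli_prepare(
        $connect,
        'SELECT 1 FROM user WHERE username = ? AND password = ? LIMIT 1'
    );
    mysqli_stmt_bind_param($stmt, 'ss', $userr, $hashed);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_store_result($stmt);    // needed before num_rows

    if (mysqli_stmt_num_rows($stmt) === 1) {
        session_regenerate_id(true);    // fresh session id on login
        $_SESSION['username'] = $userr;
        mysqli_stmt_close($stmt);
        mysqli_close($connect);
        header('Location: index.php');
        exit;
    }

    mysqli_stmt_close($stmt);
    $pri = '<center><br/> error </center>';
}
mysqli_close($connect);
```

With bound parameters there is nothing left to escape, so mysqli_real_escape_string is not needed at all. Storing an unsalted sha256 of the password is a separate weakness; PHP's password_hash() and password_verify() are the standard replacement for that part.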