PHPize Online / SQLize Online  /  SQLtest Online

A A A
Share      Blog   Popular
Copy Format Clear
CREATE TABLE user_value (`user_name` varchar(4), `user_pass` varchar(3)) ; select * from user_value; select * from admins WHERE admin_email='1 OR 1=1' AND admin_pass='*/'
Copy Clear
Copy Format Clear
<?php $q = mysqli_prepare( $mysqli, "INSERT INTO `user_value` (`user_name`, `user_pass`) VALUES (?, ?)" ); $q->bind_param("ss", $user_names, $user_pass); $q->execute(); $email=mysqli_real_escape_string($mysqli,"\xbf' said'--"); $pass=mysqli_real_escape_string($mysqli,"*/\xbf"); $r="select * from admins WHERE admin_email='".$email."' AND admin_pass='".$pass."'"; echo $r;
Show:  
Copy Clear