aboutsummaryrefslogtreecommitdiff
path: root/xss
diff options
context:
space:
mode:
authorMarcin Zelent <zelent.marcin@gmail.com>2018-05-30 17:56:40 +0200
committerMarcin Zelent <zelent.marcin@gmail.com>2018-05-30 17:56:40 +0200
commit7b2e079f4ef3cd3f16c6c5ca30fc3e97fd982b28 (patch)
treed12bc36051319010fb475a202ad0c97315af0529 /xss
parentbf3c141f3c318b45b1f43d962623587ac26a92a2 (diff)
Added XSS example
Diffstat (limited to 'xss')
-rw-r--r--xss/comments.dbbin0 -> 8192 bytes
-rw-r--r--xss/index.php36
2 files changed, 36 insertions, 0 deletions
diff --git a/xss/comments.db b/xss/comments.db
new file mode 100644
index 0000000..32114c2
--- /dev/null
+++ b/xss/comments.db
Binary files differ
diff --git a/xss/index.php b/xss/index.php
new file mode 100644
index 0000000..e645517
--- /dev/null
+++ b/xss/index.php
@@ -0,0 +1,36 @@
+<?php
+ class MyDB extends SQLite3 {
+ function __construct() {
+ $this->open('comments.db');
+ }
+ }
+
+ if (isset($_POST['user'], $_POST['comment'])) {
+ $user = $_POST['user'];
+ $comment = $_POST['comment'];
+
+ $db = new MyDB();
+
+ $sql = 'INSERT INTO Comments VALUES(\'' . $user . '\',\'' . $comment . '\')';
+ $ret = $db->exec($sql);
+ $db->close();
+ }
+
+ echo '<!DOCTYPE HTML><html><head><title>Comments</title>' .
+ '<meta charset="utf-8"></head><body><h1>Comments</h1>';
+
+ $db = new MyDB();
+
+ $sql = 'SELECT * FROM Comments';
+ $ret = $db->query($sql);
+ while ($row = $ret->fetchArray(SQLITE3_ASSOC))
+ echo '<p><b>' . $row['user'] . '</b> says:<br>' . $row['comment'] . '</p>';
+
+ $db->close();
+
+ echo '<h2>Add comment</h1><form action="index.php" method="post">' .
+ '<input type="text" name="user" placeholder="User name"><br>' .
+ '<input type="text" name="comment" placeholder="Comment"><br>' .
+ '<input type="submit" value="Add"><br>' .
+ '</form></body></html>';
+?>