Diffstat (limited to 'xss')
-rw-r--r--xss/comments.dbbin8192 -> 0 bytes
-rw-r--r--xss/index.php36
2 files changed, 0 insertions, 36 deletions
diff --git a/xss/comments.db b/xss/comments.db
deleted file mode 100644
index 32114c2..0000000
--- a/xss/comments.db
+++ /dev/null
Binary files differ
diff --git a/xss/index.php b/xss/index.php
deleted file mode 100644
index e645517..0000000
--- a/xss/index.php
+++ /dev/null
@@ -1,36 +0,0 @@
-<?php
- class MyDB extends SQLite3 {
- function __construct() {
- $this->open('comments.db');
- }
- }
-
- if (isset($_POST['user'], $_POST['comment'])) {
- $user = $_POST['user'];
- $comment = $_POST['comment'];
-
- $db = new MyDB();
-
- $sql = 'INSERT INTO Comments VALUES(\'' . $user . '\',\'' . $comment . '\')';
- $ret = $db->exec($sql);
- $db->close();
- }
-
- echo '<!DOCTYPE HTML><html><head><title>Comments</title>' .
- '<meta charset="utf-8"></head><body><h1>Comments</h1>';
-
- $db = new MyDB();
-
- $sql = 'SELECT * FROM Comments';
- $ret = $db->query($sql);
- while ($row = $ret->fetchArray(SQLITE3_ASSOC))
- echo '<p><b>' . $row['user'] . '</b> says:<br>' . $row['comment'] . '</p>';
-
- $db->close();
-
- echo '<h2>Add comment</h1><form action="index.php" method="post">' .
- '<input type="text" name="user" placeholder="User name"><br>' .
- '<input type="text" name="comment" placeholder="Comment"><br>' .
- '<input type="submit" value="Add"><br>' .
- '</form></body></html>';
-?>