NTUI
Status: Alpha
Brought to you by:
johnydoe
Menu
▾
▴
#1 NTUI
open
nobody
None
5
2004-03-08
2004-03-08
Anonymous
No
Never trust user input
"SELECT * FROM users WHERE username =
'$LoginNaam' AND password = '$LoginPassword'"
when i submit a loginname "abc AND 1 = 1 "
i can login without a password...please check de user
input first .... the best would be if you check every
input first ...
andreas.dobler@gmx.at
