复制代码 代码如下:
$mysql_server_name="localhost";
$mysql_username="root";
$mysql_password="password";
$mysql_database="phpzr";//??ݿ??
$conn=mysql_connect($mysql_server_name,$mysql_username,$mysql_password);
mysql_select_db($mysql_database,$conn);
$id=$_GET['id'];
$sql="selectusername,passwordfromadminwhereid=$id";
$result=mysql_db_query($mysql_database,$sql,$conn);
$row=mysql_fetch_row($result);
?>
注入测试专用
创建数据库代码:保存成test.sql使用phpmyadmin执行就ok了
复制代码 代码如下:
CREATEDATABASE`phpzr`;//创建数据库名称
CREATETABLEadmin(
idint(10)unsignedNOTNULLauto_increment,
usernamechar(10)NOTNULLdefault'',
passwordchar(10)NOTNULLdefault'',
useremailchar(20)NOTNULLdefault'',
groupidint(11)NOTNULLdefault'0',
PRIMARYKEY(id)
)TYPE=MyISAM;
INSERTINTOadminVALUES(1,'admin','itpro.blog.163.com','itpro@163.com',1);
INSERTINTOadminVALUES(2,'admin1','itpro.blog.163.com','itpro@163.com',2);
INSERTINTOadminVALUES(3,'admin2','itpro.blog.163.com','itpro@163.com',3);
INSERTINTOadminVALUES(4,'admin3','itpro.blog.163.com','itpro@163.com',4);
INSERTINTOadminVALUES(5,'admin4','itpro.blog.163.com','itpro@163.com',5);
CREATETABLEadmin1(
idint(10)unsignedNOTNULLauto_increment,
usernamechar(10)NOTNULLdefault'',
passwordchar(10)NOTNULLdefault'',
useremailchar(20)NOTNULLdefault'',
groupidint(11)NOTNULLdefault'0',
PRIMARYKEY(id)
)TYPE=MyISAM;
INSERTINTOadmin1VALUES(1,'admin','itpro.blog.163.com','itpro@163.com',1);
INSERTINTOadmin1VALUES(2,'admin1','itpro.blog.163.com','itpro@163.com',2);
INSERTINTOadmin1VALUES(3,'admin2','itpro.blog.163.com','itpro@163.com',3);
INSERTINTOadmin1VALUES(4,'admin3','itpro.blog.163.com','itpro@163.com',4);
INSERTINTOadmin1VALUES(5,'admin4','itpro.blog.163.com','itpro@163.com',5);
