<?php
// We didn't check $_POST['password'], it could be anything the user wanted! For example:
$username = 'aidan';
$password = "' OR ''='";
// Query database to check if there are any matching users
$query = "SELECT * FROM users WHERE user='{$_POST['username']}' AND password='{$_POST['password']}'";
// This means the query sent to MySQL would be:
echo $query;
?>
Warning: Undefined array key "username" in /in/i3Ded on line 7
Warning: Undefined array key "password" in /in/i3Ded on line 7
SELECT * FROM users WHERE user='' AND password=''
Output for 8.3.5
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0
Warning: Undefined array key "username" in /in/i3Ded on line 7
Warning: Undefined array key "password" in /in/i3Ded on line 7
SELECT * FROM users WHERE user='' AND password=''
Notice: Undefined index: username in /in/i3Ded on line 7
Notice: Undefined index: password in /in/i3Ded on line 7
SELECT * FROM users WHERE user='' AND password=''
Notice: Undefined index: username in /in/i3Ded on line 7
Notice: Undefined index: password in /in/i3Ded on line 7
SELECT * FROM users WHERE user='' AND password=''