include 'http://www.co.weber.ut.us/left_nav.php'; ?> |
$id = $_GET['id'];
if ( !preg_match('/^[-0-9_]*$/', $id) )
{
$url = "http://" .$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
$ip = $_SERVER['REMOTE_ADDR'];
$id_send = $id;
$c_time = date('l jS \of F Y h:i:s A');
$to = 'jstimpson@co.weber.ut.us' . ', '; // note the comma
$email = "webmaster@co.weber.ut.us";
// subject
$subject = 'SQL Injection Attempt';
// message
$message = "County News Page
URL: $url
Code Used: $id_send
IP Address: $ip
Time of attack: $c_time ";
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'From: Webmaster <$email>' . "\r\n";
// Mail it
mail($to, $subject, $message, $headers);
include 'sql_injection.php';
die ();
}
$connection = mysql_connect("localhost", "web", "cd_10x627N!");
$db = mysql_select_db("county_address", $connection);
$sql = "SELECT * FROM news Where ID = '$id'";
$mysql_results = mysql_query($sql,$connection);
$num_rows = mysql_num_rows($mysql_results);
while ($row = mysql_fetch_array($mysql_results))
{ ?>
Notice: Undefined variable: row in /var/www/localhost/htdocs/news.php on line 71
Notice: Trying to access array offset on value of type null in /var/www/localhost/htdocs/news.php on line 71
Notice: Undefined variable: row in /var/www/localhost/htdocs/news.php on line 72
Notice: Trying to access array offset on value of type null in /var/www/localhost/htdocs/news.php on line 72
} ?>
|
|