I'm building an intentionally flawed application for presentation purposes for work. It's left vulnerable to demonstrate improper practices and possibly encourage those who would exploit it to do so. There is ample logging on the server so we're able to see when people poke around. I just need a simple login page that uses a PHP
script to connect to the SQL
database. I can verify connectivity through the SQL server logs, however, the script returns and says "invalid password" when I know the password and username I'm inputting are correct.
I have tried swapping bits of code from other resources / what I know and I get internal error 500
// POST variables
$user=$_POST['user'];
$pass=$_POST['pass'];
// MD5 hash
//$pass=md5($pass);
$sql = "SELECT * FROM login WHERE user = '$user' AND pass = '$pass'";
// Query Login
$stmt = sqlsrv_query($conn, $sql);
if( $stmt === false ) {
die( print_r( sqlsrv_errors(), true));
}
// Login validation
if(sqlsrv_has_rows($stmt)) {
header('Location: landing.html');
}
else {
echo "Wrong username or password!";
}
I expect the connection to work, instead, it just throws up my "Wrong username or password!" statement