PHP code

<?php
include "sql_and_php_debug_with_anticheat.php";
mysql_connect("localhost""level30""fetq96LcFI6T6Ar+qDGskw==");
mysql_select_db("level30");

?>
<h1>Good Old Shop Search</h1>
Try to get field "flag" of table "flag" from the database by SQL injection by hand<br/>(what happens if your input goes into SQL query? how to make UNION SELECT?)
<?php
if (empty($_GET['query'])) {
?>
<h2>Enter search text:</h2>
<form method="GET" id="form">Find: <input type="text" name="query" id="query" size=60 value="<?php echo isset($_GET['query']) ? htmlspecialchars($_GET['query']) : "a"?>" /> <input type="submit" value="Find &raquo;" />
<input type="hidden" name="sig_query" id="sig_query" /></form>
<?php
} else {
?>
<h2>Search results</h2>
<a href='?'>&laquo; back</a><p/>
<?php
  $res debug_mysql_query("SELECT * FROM products WHERE label LIKE '%$_GET[query]%' OR description LIKE '%$_GET[query]%'");
  while ($row mysql_fetch_assoc($res)) {
    echo "<h3>$row[label]</h3><p/>$row[description]<br/><br/>";
  }
}
SQL debug

Good Old Shop Search

Try to get field "flag" of table "flag" from the database by SQL injection by hand
(what happens if your input goes into SQL query? how to make UNION SELECT?)

Enter search text:

Find: