PHP code

<head><meta charset="utf-8" /><style>input { font-family: monospace; font-size: 36px; }</style></head>
<?php
include "sql_and_php_debug_with_anticheat.php";
mysql_connect("localhost""level34""lnUevZdqw1JB6UxepqA2Hw==");
mysql_select_db("level34");

?>
<h1>SQL calc</h1>
Looks like they implemented a calculator in a strange way.<br/>And we don't know the table where flag is.<br/>(how to use <code>information_schema</code>?)<p/>

<?php
if (!isset($_GET['equ'])) {
  $result 0;
} elseif (preg_match('/\'|"|--|#|\/\*/s'$_GET['equ'])) {
  echo "Hacking attempt! Denied.";
  $result "ERR";
} else {
  $res debug_mysql_query("SELECT (" $_GET['equ'] . ")");
  $row mysql_fetch_row($res);
  $result $row[0];
}
?>

<h2>Calculator:</h2>
<form method="GET" id="form">
  Expression to calculate: <input type="text" name="equ" id="equ" size=20 value="<?php echo isset($_GET['equ']) ? htmlspecialchars($_GET['equ']) : "2 + 2 * 2"?>" />
      <input type="submit" value="=" />
      <input type="text" size=3 value="<?php echo $result?>" />
  <input type="hidden" name="sig_equ" id="sig_equ" />
</form>
SQL debug

SQL calc

Looks like they implemented a calculator in a strange way.
And we don't know the table where flag is.
(how to use information_schema?)

Calculator:

Expression to calculate: