taint
(PECL taint >=0.1.0)
taint — Taint a string
Description
bool taint
( string
&$string
[, string $...
] )Make a string tainted. This is used for testing purpose only.
Parameters
-
string -
-
... -
Return Values
Return TRUE if the transformation is done. Always return TRUE if the taint extension is not enabled.
Коментарии
The answer of your question is:
<?php
session_start();
session_destroy();
?>
<meta charset="UTF-8">
<html>
<form method="GET" action="datos.php">
<?php
if(isset($_GET['usuario'])){
if(strcmp("ana",$_GET['usuario'])==0){
if(strcmp("abc123.",$_GET['contraseña'])==0){
$_SESSION['usuario']=$_GET['usuario'];
}
else{
echo"
<script>
alert ('Usuario o contraseña incorrectos');
window.location='login.php';
</script>"
;}
}
if(strcmp("xan",$_GET['usuario'])==0){
if(strcmp("abc123.",$_GET['contraseña'])==0){
$_SESSION['usuario']=$_GET['usuario'];
}
else{
echo"
<script>
alert ('Usuario o contraseña incorrectos');
window.location='login.php';
</script>"
;}
}
}
if(isset($_SESSION['usuario'])){
//lo que se muestra na la pagina.
$conexion=mysqli_connect("localhost","root","","folla14")or die(mysqli_error());
if($conexion){
mysqli_set_charset($conexion,"UTF8");
echo "
<input type='submit' value='Lista completa' name='listac'>
"
;}
}
else{
echo"
<script>
alert ('Usuario o contraseña incorrectos');
window.location='login.php';
</script>";
}
?>
I think the real problem u have is the use of bucle for:
<?php
require 'vehiculos.class.php';
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php
echo "<form action='introducir.php' method='GET'>";
echo "<input type='submit' value='Introducir un coche'><br>";
echo "</form>";
echo "<form action='borrar.php' method='GET'>";
echo "<input type='submit' value='Borrar un coche'><br>";
echo "</form>";
echo "<form action='alugar.php' method='GET'>";
echo "<input type='submit' value='Alugar un coche'><br>";
echo "</form>";
echo "<form action='desaluga.php' method='GET'>";
echo "<input type='submit' value='Desalugar un coche'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='garda' value='Gardar o array nun ficheiro'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='ler' value='Ler o array dun ficheiro'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='del' value='Borrar e saír'><br>";
echo "</form>";
echo "Hai un total de ".vehiculo::$numVehiculos." vehículos en total na empresa, e un total de ".vehiculo::$numVehiculosAlugados." alugados<br>";
if(! isset($_SESSION['flota'])){
$flota = array();
$_SESSION['flota']=$flota;
}
if (isset($_GET['intro'])) {
$novoVehiculo = new vehiculo ($_GET['mat'],$_GET['mod'],$_GET['kms'],$_GET['imaxe']);
$_SESSION['flota'][]=$novoVehiculo;
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." e ".$vehiculo->getKms()." kms<br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
if (isset($_GET['borrar'])) {
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($vehiculos->getMatricula()==($_GET['mat'])){
$indice=$id;
unset($_SESSION['flota'][$indice]);
$_SESSION['flota']=array_values($_SESSION['flota']);
}
}
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." e ".$vehiculo->getKms()." kms<br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
I think the real problem u have is the use of bucle for:
<?php
require 'vehiculos.class.php';
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php
echo "<form action='introducir.php' method='GET'>";
echo "<input type='submit' value='Introducir un coche'><br>";
echo "</form>";
echo "<form action='borrar.php' method='GET'>";
echo "<input type='submit' value='Borrar un coche'><br>";
echo "</form>";
echo "<form action='alugar.php' method='GET'>";
echo "<input type='submit' value='Alugar un coche'><br>";
echo "</form>";
echo "<form action='desaluga.php' method='GET'>";
echo "<input type='submit' value='Desalugar un coche'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='garda' value='Gardar o array nun ficheiro'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='ler' value='Ler o array dun ficheiro'><br>";
echo "</form>";
echo "<form action='xestionFlota.php' method='GET'>";
echo "<input type='submit' name='del' value='Borrar e saír'><br>";
echo "</form>";
echo "Hai un total de ".vehiculo::$numVehiculos." vehículos en total na empresa, e un total de ".vehiculo::$numVehiculosAlugados." alugados<br>";
if(! isset($_SESSION['flota'])){
$flota = array();
$_SESSION['flota']=$flota;
}
if (isset($_GET['intro'])) {
$novoVehiculo = new vehiculo ($_GET['mat'],$_GET['mod'],$_GET['kms'],$_GET['imaxe']);
$_SESSION['flota'][]=$novoVehiculo;
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." e ".$vehiculo->getKms()." kms<br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
if (isset($_GET['borrar'])) {
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($vehiculos->getMatricula()==($_GET['mat'])){
$indice=$id;
unset($_SESSION['flota'][$indice]);
$_SESSION['flota']=array_values($_SESSION['flota']);
}
}
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." e ".$vehiculo->getKms()." kms<br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
if (isset($_GET['aluga'])) {
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($vehiculo->getMatricula()==($_GET['mat'])){
$indice=$id;
$dias=$_GET['dias'];
$_SESSION['flota'][$indice]->aluga($dias);
}
}
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($vehiculo->getDiasAlugado() > 1 ){
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." foi alugado durante ".$vehiculo->getDiasAlugado()." días <br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
}
if (isset($_GET['desalugar'])) {
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($vehiculo->getMatricula()==($_GET['mat'])){
$indice=$id;
$kms=$_GET['kms'];
$_SESSION['flota'][$indice]->devolveAlugado($kms);
}
}
foreach ($_SESSION['flota'] as $id=>$vehiculo) {
if($_GET['mat'])
echo "O vehículo ".$vehiculo->getModelo()." con matrícula ".$vehiculo->getMatricula()." terminou o período de alugamento con un total de ".$vehiculo->getKms()." kms<br>Imaxe: <br><img width='200' height='100' src='imaxes/".$vehiculo->getImaxe().".jpg'><br>";
}
}
if (isset($_GET['garda'])) {
$fich=fopen('flota.txt',"w");
$XD=serialize($_SESSION['flota']);
fwrite($fich,$XD);
fclose($fich);
}
if (isset($_GET['ler'])) {
$fich=fopen('flota.txt',"r");
$lerarray=fread($fich,filesize('flota.txt'));
$_SESSION['flota']=unserialize($lerarray);
foreach ($_SESSION['flota'] as $key => $coche) {
echo "Matrícula: ".$coche->getMatricula()."<br>Modelo: ".$coche->getModelo()."<br>KMS: ".$coche->getKms()." km <br>";
}
fclose($fich);
}
if (isset($_GET['del'])) {
unset($_SESSION['flota']);
session_destroy();
}
?>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<form method="GET" action="opcions.php">
<p>Usuario</p>
<input type="text" name="usu"><br>
<p>Contraseña</p>
<input type="password" name="con"><br>
<input type="submit" name="enviar" value="Enviar">
</form>
</body>
</html>
<?php
@session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<?php
$usu=$_GET["usu"];
$con=$_GET["con"];
if (($usu=="Xan" && $con=="abc123.") OR ($usu=="Ana" && $con=="abc123.")){
$SESSION["usu"]=$usu;
echo "Usuario correcto<br>";
$conexion=mysqli_connect("192.168.2.201","exame","abc123.","musica");
if ($conexion != FALSE) {
echo "Conexion a BD establecida";
echo "<form method='GET' action='lista.php'><br>
<input type='submit' name='completo' value='Listar todos os discos'>
<input type='submit' name='orden_titulo' value='Listar por titulo'>
<input type='submit' name='orden_autor' value='Listar por autor'>
<select name='Autor'>
<option>Beatles</option>
<option>Rolling</option>
<option>xxx</option>
<input type='submit' name='Enviar'>
</select>
</form>";
if($usu=="Ana"){
echo "<br>
<input type='submit'name='engadir' value='Engadir rexistro'>
<input type='submit'name='editar' value='Editar rexistro'>
<input type='submit'name='eliminar' value='Eliminar rexistro'>
</form>";
}
}
}else{
echo "Usuario erroneo";
}
echo "<form method='GET' action='login.php'>
<input type='submit' name='volver' value='Volver al login'";
?>
</body>
</html>
--------------
<article id="contenedor">
<?php
$conexion=mysqli_connect("192.168.2.201","exame","abc123.","musica");
if ($conexion) {
if (isset($_GET['completo'])) {
$consulta="SELECT * FROM tema";
}
elseif (isset($_GET['orden_titulo'])) {
$consulta="SELECT * FROM tema ORDER BY Titulo";
}
elseif (isset($_GET['orden_autor'])) {
$consulta="SELECT * FROM tema ORDER BY Autor";
}
elseif (isset($_GET['Autor'])) {
if ($_GET['Autor']=="The Beatles") {
$consulta="SELECT * FROM tema WHERE Autor='The Beatles'";
}
}
$resultado=mysqli_query($conexion,$consulta);
if ($resultado!=FALSE) {
while ($fila=mysqli_fetch_array($resultado)) {
echo "<div class='produto'><img src='imaxes/$fila[Imaxe].jpg'><br>$fila[Titulo]><br>$fila[Autor]<br>$fila[Ano]<br></div>";
}
}
echo "<form method='GET' action='opcions.php'>
<input type='submit' value='volver'/>";
?>
</article>
}
?>
<?php
class nave {
private $nome;
private $prezoDiario;
private $alugado;
private $nomeImaxe;
function __construct($nome,$prezoDiario,$nomeImaxe){
$this->nome=$nome;
$this->prezoDiario=$prezoDiario;
$this->alugado="no";
$this->nomeImaxe=$nomeImaxe;
}
function getNome(){
return $this->nome;
}
function getPrezodiario(){
return $this->prezoDiario;
}
function getAlugado(){
return $this->alugado;
}
function getNomeimaxe(){
return $this->nomeImaxe;
}
function alugar(){
return $this->alugado="si";
}
function desalugar(){
$this->alugado="no";
}
}
?>