ca46354077
git-svn-id: http://webgoat.googlecode.com/svn/trunk@105 4033779f-a91e-0410-96ef-6bf7bf53c507
22 lines
820 B
Plaintext
22 lines
820 B
Plaintext
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
|
|
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
|
|
errorPage="" %>
|
|
<div id="lesson_search">
|
|
<%
|
|
WebSession webSession = ((WebSession)session.getAttribute("websession"));
|
|
String searchedName = request.getParameter(SQLInjection.SEARCHNAME);
|
|
if (searchedName != null)
|
|
{
|
|
%>
|
|
Employee <%=searchedName%> not found.
|
|
<%
|
|
}
|
|
%>
|
|
<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
|
|
<label>Name
|
|
<input class="lesson_text_db" type="text" name="<%=SQLInjection.SEARCHNAME%>"/>
|
|
</label>
|
|
<br>
|
|
<input type="submit" name="action" value="<%=SQLInjection.FINDPROFILE_ACTION%>"/>
|
|
</form>
|
|
</div> |