I made this simple project to learn and test how XSS and SQL injection work and how to protect a website from them.
All XSS examples for testing are in the file:
xss_examples.txt
All SQL injection examples for testing are in the file:
sql_injection_examples.txt
Types of XSS:
- Stored XSS
- Reflected XSS
- DOM Based XSS
How htmlentities() and htmlspecialchars() work is shown in:
index.php
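How the two functions differ on the same input, as an added example (not the project's index.php). The helper `esc()`, the `FLAGS` constant and the sample strings are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not the project's index.php. All inputs are constructed
// samples standing in for a value typed into the search field.
const FLAGS = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5;

// Escape for HTML text and quoted attribute values. Flags and charset are
// explicit because the default flags changed in PHP 8.1 (ENT_COMPAT before).
function esc(string $s): string
{
    return htmlspecialchars($s, FLAGS, 'UTF-8');
}

$term = "café <b>\"bold\"</b> & 'quoted'";

$variants = [
    // Escapes only & < > " and '.
    'htmlspecialchars ENT_QUOTES'   => esc($term),
    // Same markup characters, plus every character with a named entity (é).
    'htmlentities ENT_QUOTES'       => htmlentities($term, FLAGS, 'UTF-8'),
    // Leaves ' untouched: unsafe inside a single-quoted attribute.
    'htmlspecialchars ENT_COMPAT'   => htmlspecialchars($term, ENT_COMPAT, 'UTF-8'),
    // Leaves both ' and " untouched: only usable in element text.
    'htmlspecialchars ENT_NOQUOTES' => htmlspecialchars($term, ENT_NOQUOTES, 'UTF-8'),
];

foreach ($variants as $label => $out) {
    // A value fits any quoted attribute only if no raw quote survives.
    $attrSafe = strpbrk($out, "'\"") === false ? 'yes' : 'no';
    printf("%-30s attr-safe=%-3s %s\n", $label, $attrSafe, $out);
}

// Invalid UTF-8: without ENT_SUBSTITUTE the whole result is an empty string;
// with it, the bad byte is replaced by U+FFFD and the rest is still escaped.
$broken = "caf\xC3( <i>";
var_dump(htmlspecialchars($broken, ENT_QUOTES, 'UTF-8'));
var_dump(esc($broken));

// Reflecting the search term into the page: escape at output time.
echo "<input type='text' name='q' value='" . esc($term) . "'>\n";
echo '<p>Results for: ' . esc($term) . "</p>\n";
```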
SQL injections were tested against a few DB versions:
MariaDB 5.5, MySQL 5.5 (& x64), 5.6, 8.0
The main target was the search field.
Tests are now completed for the procedural and object-oriented interfaces.
The next "episode": tests for PDO (PHP Data Objects).
Connection to DB:
controller/connect.php