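<?php

// Simulated attacker-controlled request parameter.
$_GET['id'] = '1"; DROP TABLE users; -- ';

$valid = array(1, 2, 3);

// in_array() compares loosely (==) by default. On PHP versions before 8 the
// string is converted to the integer 1 for the comparison, so the check passes.
if (in_array($_GET['id'], $valid)) {
    echo 'GOOD';

    // obvious sql injection:
    // mysql_query('SELECT * FROM users WHERE id = ' . $_GET['id']);
    // ...
} else {
    echo 'BAD';
}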
Success #stdin #stdout 0.02s 24448KB
stdin
Standard input is empty
stdout
GOOD
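
A hardened counterpart to the snippet above, added here as an example and not part of the original paste: the whitelist check is made strict and the query uses a bound parameter. The helper name `validateId`, the sample inputs, and the in-memory SQLite `users` table are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the original paste): returns the id as an int
// only if the raw value parses as an integer AND is on the whitelist.
function validateId($raw, array $valid): ?int
{
    // FILTER_VALIDATE_INT rejects '1"; DROP ...', '1abc', arrays and null.
    $id = filter_var($raw, FILTER_VALIDATE_INT);
    if ($id === false) {
        return null;
    }
    // Third argument true = strict (===) comparison, no type juggling.
    return in_array($id, $valid, true) ? $id : null;
}

$valid = array(1, 2, 3);

// Constructed sample inputs, as they could arrive in $_GET['id'].
$samples = array('2', '1"; DROP TABLE users; -- ', '1abc', '4', array('1'));

// In-memory SQLite stands in for the real database (assumption; needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");

$stmt = $db->prepare('SELECT name FROM users WHERE id = :id');

foreach ($samples as $raw) {
    $id = validateId($raw, $valid);
    if ($id === null) {
        echo 'BAD  ', json_encode($raw), "\n";
        continue;
    }
    // The value is bound as a parameter, never concatenated into the SQL text.
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    echo 'GOOD ', json_encode($raw), ' -> ', $stmt->fetchColumn(), "\n";
    $stmt->closeCursor();
}
```

Either control alone would stop the injection shown in the paste; using both means a later change to the whitelist logic does not reopen the query.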