include "./config.php";
login_chk();
$db = dbconnect();
if(preg_match('/prob|_|\.|\(\)/i', $_GET[id])) exit("No Hack ~_~"); // do not try to attack another table, database!
if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");
$query = "select id from prob_gremlin where id='{$_GET[id]}' and pw='{$_GET[pw]}'";
echo "query :{$query}";
$result = @mysqli_fetch_array(mysqli_query($db,$query));
if($result['id']) solve("gremlin");
highlight_file(__FILE__);
include "./config.php";
login_chk();
$db = dbconnect();
if(preg_match('/prob|_|.|()/i', $GET[id])) exit("No Hack _");
if(preg_match('/prob||.|()/i', $_GET[pw])) exit("No Hack _");
$query = "select id from prob_cobolt where id='{$_GET[id]}' and pw=md5('{$_GET[pw]}')";
echo "query:{$query}";
$result = @mysqli_fetch_array(mysqli_query($db,$query));
if($result['id'] == 'admin') solve("cobolt");
elseif($result['id']) echo "Hello {$result['id']}You are not admin :(";
highlight_file(FILE);
include "./config.php";
login_chk();
$db = dbconnect();
if(preg_match('/prob|_|.|()/i', $_GET[no])) exit("No Hack _");
if(preg_match('/'|"|`/i', $_GET[no])) exit("No Quotes _");
$query = "select id from prob_goblin where id='guest' and no={$_GET[no]}";
echo "query : {$query}";
$result = @mysqli_fetch_array(mysqli_query($db,$query));
if($result['id']) echo "Hello {$result[id]}";
if($result['id'] == 'admin') solve("goblin");
highlight_file(FILE);