Matte23/scolapasta
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
53a0575773ab106ca94fbf14417ea752e09b3853
scolapasta/backend/index.js
Matte23 a19f4f1aea feat: Add base files
2025-04-16 16:04:34 +02:00

28 lines
726 B
JavaScript
Raw Blame History

const express = require('express');
const mysql = require('mysql2');
const cors = require('cors');
const app = express();
const db = require('./db');
app.use(cors());
app.use(express.json());
app.post('/api/login', (req, res) => {
const { username, password } = req.body;
// 🚨 INTENTIONALLY VULNERABLE TO SQLi
const query = `SELECT * FROM users WHERE username = '${username}' AND password = '${password}'`;
db.query(query, (err, results) => {
if (err) return res.status(500).send('Error');
if (results.length > 0) {
res.send('Login successful');
} else {
res.status(401).send('Invalid credentials');
}
});
});
app.listen(5000, () => console.log('Backend running on port 5000'));
Reference in New Issue View Git Blame Copy Permalink