"; include "dbconn.php"; $db = dbconnect(); $uid = addslashes($_POST['uid']); $upw = addslashes($_POST['upw']); $uid = mb_convert_encoding($uid, "utf-8", "euc-kr"); if(strlen($uid) >= 5) exit("id too long"); if(preg_match('/\*/',$uid)) exit("No Hack"); if(preg_match('/\*|@/',$upw)) exit("No Hack"); if(preg_match('/ace/',$upw)) exit("You are not a ace bitch"); $r = mysqli_fetch_array(mysqli_query($db,"select id,pw,token from member where id='{$uid}' and 'chk'='chk' and pw='{$upw}'")); if($r['id']){ if(preg_match('/_|@/', $r['token'])) exit("NOHACK"); $r2 = mysqli_fetch_array(mysqli_query($db,"select id,token from member where token='{$r[token]}'")); if($r2['id']){ $r3 = mysqli_fetch_array(mysqli_query($db,"select id,pw from member where id='{$r2[id]}'")); if(($r['id'] === "admin") && ($r2['id'] === $r3['id']) && ($r['pw'] === $upw) && ($r3['pw'] === $upw) && ($r['token'] === $r2['token'])) echo "hooray!!! Flag is {$flag}"; else echo "you fail meu"; } else echo "you fail meu!"; } else echo "you fail meu!!"; } else if($page == "photo"){ ?>