Reviving a Vulnerable PHP Guestbook
Description
This ancient PHP guestbook script demonstrates common vulnerabilities from the early 2000s. It showcases how simple inputs can lead to significant security risks.
Code Snippet
<?php
$name = $_POST['name'];
$comment = $_POST['comment'];
$db = mysql_connect('localhost', 'user', 'password');
mysql_select_db('guestbook', $db);
$query = "INSERT INTO entries (name, comment) VALUES ('$name', '$comment')";
mysql_query($query, $db);
echo "Thank you for your comment!";
mysql_close($db);
?>