forked from CSPF-Founder/JavaVulnerableLab
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathforumUsersList.jsp
28 lines (23 loc) · 992 Bytes
/
forumUsersList.jsp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.Connection"%>
<%@ include file="/header.jsp" %>
<%@ page import="model.DBConnect"%>
<%
Connection con=new DBConnect().connect(getServletContext().getRealPath("/WEB-INF/config.properties"));
String username=request.getParameter("username");
Statement stmt = con.createStatement();
ResultSet rs =null;
rs=stmt.executeQuery("select * from users");
out.print("Users: ");
out.print("<ol>");
while( rs.next())
{
out.print("<li>");
out.print("<a href='UserDetails.jsp?username="+rs.getString("username")+"'>"+rs.getString("username")+"</a>");
out.print("</li>");
}
out.print("</ol");
out.print("<br/><br/><a href='forum.jsp'>Return to Forum >></a>");
%>
<%@ include file="/footer.jsp" %>