From 68c043f777249479aa1028ca0753ab10ceca341b Mon Sep 17 00:00:00 2001
From: Sergio-Bianchi
Date: Fri, 17 Oct 2025 09:49:00 +0200
Subject: [PATCH] Sql injection

---
 .idea/vcs.xml       |  6 ++++++
 services/Access.php |  1 +
 services/Search.php | 14 ++++++++++----
 3 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 .idea/vcs.xml

diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..94a25f7
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/services/Access.php b/services/Access.php
index 715bcb6..2fd8774 100644
--- a/services/Access.php
+++ b/services/Access.php
@@ -7,6 +7,7 @@ class Access
 {
     static function login($username, $password)
     {
+        // ADORO L'SQL INJECTION ' OR '1'='1
         global $conn;
         $query = "SELECT * FROM users WHERE DESCRIZIONE = '$username' AND PASSWORD = '$password'";
         return $conn->query($query);
diff --git a/services/Search.php b/services/Search.php
index a78360a..a0ebf52 100644
--- a/services/Search.php
+++ b/services/Search.php
@@ -8,10 +8,16 @@ class Search
     static function searchByUsername($username)
     {
         global $conn;
-        $query = "SELECT persone.* FROM users
-            RIGHT JOIN persone ON persone.ID = users.ID_PERSONA
-            WHERE users.DESCRIZIONE = '$username'";
-        return $conn->query($query);
+        $query = "SELECT persone.*
+            FROM users
+            RIGHT JOIN persone ON persone.ID = users.ID_PERSONA
+            WHERE users.DESCRIZIONE = ?";
+
+        $stmt = $conn->prepare($query);
+        $stmt->bind_param("s", $username);
+        $stmt->execute();
+        $result = $stmt->get_result();
+        return $result;
     }

 }
\ No newline at end of file
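Review bot: `Access::login()` still interpolates `$username` and `$password` straight into the SQL string on the line after the new comment, so the injection named in the commit title is fixed in Search.php but left open here; the added comment only records the problem (and embeds an example payload in production source), it does not close it. The query should be prepared and bound the same way `Search::searchByUsername` now does, which keeps the `mysqli_result` return callers expect. Separately, comparing `PASSWORD = ?` in SQL means passwords are stored and matched as plaintext; the fix for that is to select the row by username and check it with `password_verify()` against a `password_hash()` value, but that also changes the stored data and is best done as its own commit. The closing brace of `login()` is outside the hunk.
```php
    static function login($username, $password)
    {
        global $conn;
        $query = "SELECT * FROM users WHERE DESCRIZIONE = ? AND PASSWORD = ?";
        $stmt = $conn->prepare($query);
        $stmt->bind_param("ss", $username, $password);
        $stmt->execute();
        return $stmt->get_result();
```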
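Review bot: The bind in `searchByUsername` is correct, but the return value of `$conn->prepare($query)` is never checked; unless the connection runs with `MYSQLI_REPORT_STRICT` (the default since PHP 8.1, though the connection setup is not visible here) `prepare()` returns `false` on a bad statement and the following `bind_param` call dies with a fatal error instead of a handled exception. A one-line guard covers it: `$stmt = $conn->prepare($query) ?: throw new \RuntimeException($conn->error);`. The `$result` temporary on the last two added lines can be collapsed to `return $stmt->get_result();`, and the signature would benefit from `string $username` since the bound parameter is declared as a string with `"s"`. `get_result()` also depends on the mysqlnd driver being in use, which I cannot confirm from this diff.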