From 178ff562ad3eb7202e18e79f402fdc1abedfbce1 Mon Sep 17 00:00:00 2001
From: cklein12 <48038030+cklein12@users.noreply.github.com>
Date: Tue, 30 Jul 2024 15:56:35 -0400
Subject: [PATCH] Create test-15

---
 test-15 | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 test-15

diff --git a/test-15 b/test-15
new file mode 100644
index 0000000000..4bf37d167b
--- /dev/null
+++ b/test-15
@@ -0,0 +1,31 @@
+<?php
+// Simulated user input (DO NOT do this in a real application)
+$user_input = $_POST['username'];
+
+// Connect to the database (Replace with your actual database credentials)
+$mysqli = new mysqli("localhost", "username", "password", "database_name");
+
+// Check for a database connection error
+if ($mysqli->connect_error) {
+die("Connection failed: " . $mysqli->connect_error);
+}
+
+// Vulnerable query construction (DO NOT do this in a real application)
+$query = "SELECT * FROM users WHERE username = '$user_input'";
+
+// Execute the query (SQL injection vulnerability here)
+$result = $mysqli->query($query);
+
+// Fetch and display results (not relevant for this example)
+if ($result) {
+while ($row = $result->fetch_assoc()) {
+echo "Username: " . $row['username'] . "<br>";
+}
+$result->close();
+} else {
+echo "Query error: " . $mysqli->error;
+}
+
+// Close the database connection
+$mysqli->close();
+?>