From e98bdc8d4f754b6cab489c24719dba664357c61b Mon Sep 17 00:00:00 2001
From: jeff-cycode <163135025+jeff-cycode@users.noreply.github.com>
Date: Sun, 8 Sep 2024 15:01:40 -0400
Subject: [PATCH 1/2] Add files via upload
---
jwr-low.php | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 57 insertions(+)
create mode 100644 jwr-low.php
diff --git a/jwr-low.php b/jwr-low.php
new file mode 100644
index 0000000..a4472b0
--- /dev/null
+++ b/jwr-low.php
@@ -0,0 +1,57 @@
+ 0);
+ } catch(Exception $e) {
+ $exists = false;
+ }
+ }
+ ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
+ break;
+ case SQLITE:
+ global $sqlite_db_connection;
+
+ $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
+ try {
+ $results = $sqlite_db_connection->query($query);
+ $row = $results->fetchArray();
+ $exists = $row !== false;
+ } catch(Exception $e) {
+ $exists = false;
+ }
+
+ break;
+ }
+
+ if ($exists) {
+ // Feedback for end user
+ $html .= '
User ID exists in the database.';
+ } else {
User ID is MISSING from the database.';
+ }
+
+}
+
+?>
From 71a7ff3758c759308f74c802937dcfb5d5087577 Mon Sep 17 00:00:00 2001
From: "cycode-security[bot]" <54410473+cycode-security[bot]@users.noreply.github.com>
Date: Thu, 16 Oct 2025 15:26:13 +0000
Subject: [PATCH 2/2] [Cycode] Fix for SAST detections - Unsanitized external input in SQL query
---
jwr-low.php | 118 +++++++++++++++++++++++++++-------------------------
1 file changed, 61 insertions(+), 57 deletions(-)
diff --git a/jwr-low.php b/jwr-low.php
index a4472b0..a4cee47 100644
--- a/jwr-low.php
+++ b/jwr-low.php
@@ -1,57 +1,61 @@
- 0);
- } catch(Exception $e) {
- $exists = false;
- }
- }
- ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
- break;
- case SQLITE:
- global $sqlite_db_connection;
-
- $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
- try {
- $results = $sqlite_db_connection->query($query);
- $row = $results->fetchArray();
- $exists = $row !== false;
- } catch(Exception $e) {
- $exists = false;
- }
-
- break;
- }
-
- if ($exists) {
- // Feedback for end user
- $html .= '
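Review bot: In the SQLITE branch `$id` is interpolated straight into the SQL text, `$query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";`, so whatever reaches `$id` becomes part of the statement; where `$id` is assigned and how the MYSQL branch builds its query are not visible in this hunk (its opening lines were lost), but the surviving `mysqli_num_rows` tail suggests the same pattern. Bind the value instead: `$stmt = $sqlite_db_connection->prepare('SELECT first_name, last_name FROM users WHERE user_id = :id'); $stmt->bindValue(':id', $id, SQLITE3_INTEGER); $results = $stmt->execute();`. Separately, `SQLite3::query()` returns `false` on failure unless exceptions were enabled on the connection, and `$results->fetchArray()` on `false` raises an `Error`, which the `catch(Exception $e)` below it does not catch; check `$results !== false` before fetching. The enclosing `if` block opens before the visible part of the hunk.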
User ID exists in the database.';
- } else {
User ID is MISSING from the database.';
- }
-
-}
-
-?>
+
+prepare("SELECT first_name, last_name FROM users WHERE user_id = ?");
+ $stmt->bind_param("i", $id);
+ try {
+ $stmt->execute();
+ $result = $stmt->get_result();
+ } catch (Exception $e) {
+ print "There was an error.";
+ exit;
+ }
+
+ $exists = false;
+ if ($result !== false) {
+ try {
+ $exists = (mysqli_num_rows( $result ) > 0);
+ } catch(Exception $e) {
+ $exists = false;
+ }
+ }
+ ((is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"]))) ? false : $___mysqli_res);
+ break;
+ case SQLITE:
+ global $sqlite_db_connection;
+
+ $stmt = $sqlite_db_connection->prepare("SELECT first_name, last_name FROM users WHERE user_id = :id");
+ $stmt->bindValue(':id', $id, SQLITE3_INTEGER);
+ try {
+ $result = $stmt->execute();
+ $row = $result->fetchArray();
+ $exists = $row !== false;
+ } catch(Exception $e) {
+ $exists = false;
+ }
+
+ break;
+ }
+
+ if ($exists) {
+ // Feedback for end user
+ $html .= '
User ID exists in the database.';
+ } else {
User ID is MISSING from the database.';
+ }
+
+}
+
+?>
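Review bot: The `prepare()` and `bind_param()`/`bindValue()` calls sit outside the `try` in both branches, and in the SQLITE branch `$stmt->execute()` returning `false` makes `$result->fetchArray()` raise an `Error`, which `catch(Exception $e)` does not catch; add `if ($result === false) { $exists = false; break; }` before the fetch, and either move the prepare/bind calls inside the `try` or check their `false` returns in both branches. Binding with the `i` type also casts `$id` to an integer, so a value like `1abc` now binds as `1` where the old string comparison would have matched nothing; validating with `filter_var($id, FILTER_VALIDATE_INT)` and taking the 404 path on failure makes that boundary explicit. The MYSQL branch's `print "There was an error."; exit;` skips the `mysqli_close()` call and the 404 response the rest of the file produces, whereas the SQLITE branch falls through with `$exists = false`; setting `$exists = false` and breaking there keeps the two branches consistent. The enclosing `if` block and the first lines of the MYSQL branch lie outside the visible part of this hunk.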