Below is actual code in use here for this login page. Your task is to login as the Admin user.
function awesomeSQLFilter($username, $password){
  $sqlCommands = array("AND", "OR", "SELECT", "DELETE", "DROP", "CREATE", "LIKE", 
  //Nobody can use any sql commands in their username or password!
  foreach($sqlCommands as $command){
    $username = str_ireplace($command, "", $username);
    $password = str_ireplace($command, "", $password);
  return array($username, $password);

function checkUserPass($db, $username, $password){
  if (!$db) { echo "Error connecting to database."; return false;}
  //security because logins are important!!
  list($username, $password) = awesomeSQLFilter($username, $password);
  $result = sqlite_query($db, "SELECT COUNT(*) cnt FROM Users WHERE username='$username' AND password='$password'", $error);
  if(!$result) { echo htmlentities($error, ENT_QUOTES); return false;}
  $row = $result->fetchArray(); 
  $num_rows = $row['cnt'];
  if($num_rows==1) return true;
  return false;
Note: A real database is used for this challenge, and it is rolled back after each attempt.

You must be logged in order to submit an answer.

Challenge by ynori7.