Please check the config file.
Database Error #" . mysqli_connect_errno() . ": " . mysqli_connect_error() . "." ); if ($_DVWA[ 'db_user' ] == "root") { dvwaMessagePush( 'Your database user is root, if you are using MariaDB, this will not work, please read the README.md file.' ); } dvwaPageReload(); } // Create database $drop_db = "DROP DATABASE IF EXISTS {$_DVWA[ 'db_database' ]};"; if( !@mysqli_query($GLOBALS["___mysqli_ston"], $drop_db ) ) { dvwaMessagePush( "Could not drop existing database
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } $create_db = "CREATE DATABASE {$_DVWA[ 'db_database' ]};"; if( !@mysqli_query($GLOBALS["___mysqli_ston"], $create_db ) ) { dvwaMessagePush( "Could not create database
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } dvwaMessagePush( "Database has been created." ); // Create table 'users' if( !@((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE " . $_DVWA[ 'db_database' ])) ) { dvwaMessagePush( 'Could not connect to database.' ); dvwaPageReload(); } $create_tb = "CREATE TABLE users (user_id int(6),first_name varchar(15),last_name varchar(15), user varchar(15), password varchar(32),avatar varchar(70), last_login TIMESTAMP, failed_login INT(3), PRIMARY KEY (user_id));"; if( !mysqli_query($GLOBALS["___mysqli_ston"], $create_tb ) ) { dvwaMessagePush( "Table could not be created
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } dvwaMessagePush( "'users' table was created." ); // Insert some data into users $base_dir= str_replace ("setup.php", "", $_SERVER['SCRIPT_NAME']); $avatarUrl = $base_dir . 'hackable/users/'; $insert = "INSERT INTO users VALUES ('1','admin','admin','admin',MD5('password'),'{$avatarUrl}admin.jpg', NOW(), '0'), ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$avatarUrl}gordonb.jpg', NOW(), '0'), ('3','Hack','Me','1337',MD5('charley'),'{$avatarUrl}1337.jpg', NOW(), '0'), ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$avatarUrl}pablo.jpg', NOW(), '0'), ('5','Bob','Smith','smithy',MD5('password'),'{$avatarUrl}smithy.jpg', NOW(), '0');"; if( !mysqli_query($GLOBALS["___mysqli_ston"], $insert ) ) { dvwaMessagePush( "Data could not be inserted into 'users' table
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } dvwaMessagePush( "Data inserted into 'users' table." ); // Create guestbook table $create_tb_guestbook = "CREATE TABLE guestbook (comment_id SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT, comment varchar(300), name varchar(100), PRIMARY KEY (comment_id));"; if( !mysqli_query($GLOBALS["___mysqli_ston"], $create_tb_guestbook ) ) { dvwaMessagePush( "Table could not be created
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } dvwaMessagePush( "'guestbook' table was created." ); // Insert data into 'guestbook' $insert = "INSERT INTO guestbook VALUES ('1','This is a test comment.','test');"; if( !mysqli_query($GLOBALS["___mysqli_ston"], $insert ) ) { dvwaMessagePush( "Data could not be inserted into 'guestbook' table
SQL: " . ((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) ); dvwaPageReload(); } dvwaMessagePush( "Data inserted into 'guestbook' table." ); // Copy .bak for a fun directory listing vuln $conf = DVWA_WEB_PAGE_TO_ROOT . 'config/config.inc.php'; $bakconf = DVWA_WEB_PAGE_TO_ROOT . 'config/config.inc.php.bak'; if (file_exists($conf)) { // Who cares if it fails. Suppress. @copy($conf, $bakconf); } dvwaMessagePush( "Backup file /config/config.inc.php.bak automatically created" ); // Done dvwaMessagePush( "Setup successful!" ); if( !dvwaIsLoggedIn()) dvwaMessagePush( "Please login." ); dvwaPageReload(); ?>