문제의 코드는 아래와 같다. # Send request? if (isset($_POST['password']) && isset($_POST['username']) && is_string($_POST['password']) && is_string($_POST['username']) ) { $uname = mysql_real_escape_string($_POST['username']); $pass = md5($_POST['password']); $query = "SELECT level FROM ".GWF_TABLE_PREFIX."wc_chall_reg_glob WHERE username='$uname' AND password='$pass'"; $db = gwf_db(); if (false === ($row = $db->queryFirst($query))) { echo GWF_HTML::error('Register Globals', $chall->lang('err_failed')); } else { # Login success $login = …