Hey guys!
I have spent the last 5 and a half hours banging my head up against the wall trying to fix this to no avail so I guess its time to ask the experts!!!
I am having a problem with my membership class.
Basically, it works perfectly if a user logs in using sessions and not cookies. But when remember is set to 1 (they ticked the remember me checkbox), the mysql query fails on this line when we run $member_class->member_class();
$result = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE email = '{$email}' AND token ='{$token}' AND ip_address LIKE '{$ip_address}%'"), MYSQL_ASSOC) or DIE ($this->query_error);
Everything matches up except for the $token value.
Basicly I believe that a new token is updated in the mysql database, before the token value in the cookie is updated as when I print $token, it definitly matches up with the token value in the mysql database. But from reading through the code, it all looks perfectly fine to me which is why i am so confused.
If i change $newtoken = $this->token(); // generate a new token to $newtoken = '1234'; the script also works perfectly fine without errors (though not very secure so would like the token to change values!
Really appreciate any input! Cheers
<?php
// member class
// handlers member logon
class member_class {
var $message = '';
var $query_error = 'ERROR: something went wrong when accessing the database. Please consult your webmaster';
function member_class() { //constructor
if (!$_SESSION['member_id']) { //fills session with empty values
$this->set_session_defaults();;
}
if ($_SESSION['logged_in']) { //already logged in
$this->check_session();
}
if ($_COOKIE['remember']) {
$this->check_remembered($_COOKIE['remember']);
}
}
function check_login($email,$password,$remember,$redirect) {
$email = mysql_escape_string($email);
$salt='s+(_v';
$password = mysql_escape_string(hash('sha512', $salt . $password));
$result=mysql_fetch_array(mysql_query("SELECT * FROM members WHERE email = '{$email}' AND password = '{$password}'"), MYSQL_ASSOC);
if ($result) {
$this->set_session($result,$remember,true);
return true;
} else {
$this->failed = true;
$this->logout();
//create error message telling user that either the email address does not exist, or they have entered the wrong password associated with the email address
$result=mysql_fetch_array(mysql_query("SELECT email FROM members WHERE email = '{$email}'"));
if($result) { $this->message .= 'Incorrect Password. Please try again'; }
else { $this->message .= 'The email address '.$email.' does not exist. Please try again or <a href="/register.php" class=" cboxElement">create a new account</a>.'; }
return false;
}
}
function logout() {
// blowup cookie
setcookie('remember',time()-3600);
$this->set_session_defaults();
}
function set_session($result,$remember,$init = true) {
$member_id=$result['member_id'];
if ($init) {
$session = mysql_escape_string(session_id());
$ip_address = mysql_escape_string($_SERVER['REMOTE_ADDR']);
$newtoken = $this->token(); // generate a new token
// generate a random token
$update = mysql_query("UPDATE members SET session='{$session}', token='{$newtoken}', ip_address='{$ip_address}' WHERE member_id='{$member_id}'") or DIE ($this->query_error);
}
$_SESSION['member_id'] = $result['member_id'];
$_SESSION['email'] = htmlspecialchars($result['email']);
$_SESSION['fullname'] = $result['fullname'];
$_SESSION['token'] = $newtoken;
$_SESSION['logged_in'] = true;
if ($remember) {
$this->update_cookie($newtoken);
}
}
function update_cookie($token) {
$cookie = serialize(array($_SESSION['email'],$token));
//print $token;
setcookie('remember',$cookie, time()+12099600);
}
function check_remembered($cookie) {
$serializedArray=$cookie;
$serializedArray = stripslashes($serializedArray);
list($email,$token) = unserialize($serializedArray);
if(empty($email) or empty($token)) {
return;
} else {
$email = mysql_escape_string($email);
$token = mysql_escape_string($token);
$ip_address = mysql_escape_string($_SERVER['REMOTE_ADDR']);
//changed from = '{ip_address} to like '{ipaddress}% so we are not strict in ip address we only limit to first 3 charactors of ip
$ip_address = substr($ip_address, 0, 3);
$query = "SELECT * FROM members WHERE email = '{$email}' AND token ='{$token}' AND ip_address LIKE '{$ip_address}%'";
print $query;
$result = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE email = '{$email}' AND token ='{$token}' AND ip_address LIKE '{$ip_address}%'"), MYSQL_ASSOC) or DIE ($this->query_error);
if (!$result) {
// $this->set_session($result,false,false);
}else{
$this->set_session($result,true,true);
}
}
}
function token() {
// generate a random token
for($i=1;$i<33;$i++) {
$seed .= chr(rand(0,255));
}
return md5($seed);
}
function check_session() {
$email = mysql_escape_string($_SESSION['email']);
$token = mysql_escape_string($_SESSION['token']);
$session = mysql_escape_string(session_id());
//if ip address changes it will fail POSSIBLY DO NOT NEED THIS!
$ip_address = mysql_escape_string($_SERVER['REMOTE_ADDR']);
//check only the first 4 charactors of ip address incase user changes ip in corporate workplace etc ALSO CHANGED = TO LIKE IN MYSQL QUERY AND ADDEED % TO THE END AS WILDCARD
$ip_address = substr($ip_address, 0, 3);
$result = mysql_fetch_array(mysql_query("SELECT * FROM members WHERE email='{$email}' AND token='{$token}' AND session='{$session}' AND ip_address LIKE '{$ip_address}%'"), MYSQL_ASSOC or DIE ($this->query_error));
if ($result != false){
}else{
$this->logout();
}
}
}?>