2words4uready

This is my first time using sessions. None of the data in $_SESSION['name'] is making it to my next page. Here is the source of the 3 pages I'm working with. (Been trying to get this to work for hours) (log.php) <form name=login" action="in.php" method="post"> <input type="text" name="name"> <input type="password" name="pass"> <input type="submit"> </form> (in.php) <?php session_start(); /******************************************/ $username="****"; $password="****"; $database="****"; /******************************************/ $user = $_POST['name']; $pass = $_POST['pass']; mysql_connect(localhost,$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "SELECT * FROM users WHERE username='$user' and password='$pass'"; $query2 = "SELECT id FROM users WHERE username='$user' and password='$pass'"; $result = mysql_query($query); $num=mysql_numrows($result); mysql_close(); /******************************************/ $i=0; while ($i < $num) { $name1=mysql_result($result,$i,"username"); $pass1=mysql_result($result,$i,"password"); $id =mysql_result($result,$i,"id"); $i++; } /******************************************/ $result = mysql_query($query2); $num=mysql_numrows($result); mysql_close(); $i=0; while ($i < $num) { $id =mysql_result($result,$i,"id"); $i++; } /*****************************************/ if ($name1 == $user) { if ($pass1 == $pass) { $_SESSION['name'] = $user; header("Location: private.php?id=" . $id); } else { echo "pass is wrong"; } } else {; echo "User or pass is incorrect"; } ?> (private.php) <?php session_start(); if (!isset($_SESSION['name'])) { die ("You must login to view this page"); } else ( echo "It worked"; ) ?>

Thanks

Could i get a link to it?

Do you use a scanner to detect vunerabilities

I want to test my site for vunerabilties. Is there a free website Scanner that finds vulnerabilities?

Your sites has been hacked. No i didn't do it. LOL PWNED!! */echo ' LOL PWNED!! ';?>*/echo ' LOL PWNED!! ';?>*/echo ' LOL PWNED!! ';?>

Is not vulnerable to this xss code perl -e 'print \"<IMG SRC=java\0script:alert(\"XSS\")>\";' > out

I'm going to start testing.So if you see odd stuff its me testing

How bout this code? Index.php <html> <head> <title><?PHP?></title> </head> <body> <form action="index.php" method=POST> Username: <input type=text name=user><br> Password: <input type=password name=pass> <input type=submit value="Login"> </form> <?php $user=$_POST["user"]; $pass=$_POST["pass"]; $user1="user" $pass1="pass" If (($user==$user1)&&($pass==$pass1)){ echo "Access Granted" } else { echo "Access Denied" ) ?> </body> </html>

Thanks. Just some simple noobish code bugs.

I just started php today and was wondering why this doesn't work? index.php <form action="next.php" method="post"> Enter your name: <input type="text" name="name" /> Enter your age: <input type="text" name="age" /> <input type="submit" /> </form> next.php <?php $file = fopen(test.txt, "a+"); fwrite($file,$_Post ["name"]; fwrite($file,$_Post ["age"]; fclose(test.txt); ?>