Jump to content

Is this login script secure?

steviez

By steviez
in PHP Coding Help

Recommended Posts

steviez Advanced Member

steviez

Posted
Posted

Hi,

 

I have created a login script for a site i am working on but have been told that it is not secure.. Would someone please have a look through the code and point out to me any parts that are not secure and could lead to anyone been able to login as any user.

 

Thanks

 

<?php

// Set Error Reporting
error_reporting(E_ALL ^ E_WARNING ^ E_NOTICE);

// Iinclude Database Information
include "./include/database_config.php";

// Include Class/Ffunction Files
include "./include/class_database.php";
include "./include/class_mail.php";
include "./include/functions_general.php";
include "./include/global_config.php";

// Initiate Database Connection
$database = new se_database($database_host, $database_username, $database_password, $database_name);

// Initiate Mail Class
$mail = new mailer;

// Ensure No SQL Injections Through Post Or Get Arrays
$_POST = security($_POST);
$_GET = security($_GET);

// Set Error Vars
$error = 0; // Set Error to 0
$error_message = ""; // No Error Message

// Get Return URL
$return_url = $_GET['return_url'];

// Match Data From Post Form
if(isset($_POST['task']) && $_POST['task'] == 'dologin')
{
$match = "SELECT user_id FROM members WHERE email = '".$_POST['email']."'
AND password = '".md5($_POST['password'])."'"; 
$qry = mysql_query($match) or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry);

/* Get Username */
$user = sql_row("SELECT * FROM members WHERE email = '".$_POST['email']."'");

// Wrong Combo
if($num_rows <= 0) 
{
$error = 1; 
$error_message = "Incorrect email/password combination.";


} else {

/* Login Token */
$token = str_shuffle("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz123456789");
$login_token = base64_encode($token);

/* Set Cookies */
setcookie("loggedin", "TRUE", time()+(3600 * 24), "/", ".mysite.com");
setcookie("gt_username", $user['username'], time()+(3600 * 24), "/", ".mysite.com");
setcookie("gt_userid", $user['user_id'], time()+(3600 * 24), "/", ".mysite.com");

/* Insert Successfull Login In To Database */
$login_date = date("Y-m-d");
$username = $user['username'];	
$user_id = $user['user_id'];
$database->database_query("INSERT INTO logins (email, 
										   username,
										   user_id,
										   date,
										   status,
										   token
										   ) VALUES (
										   '".$_POST['email']."',
										   '".$username."',
										   '".$user_id."',
										   '".$login_date."',
										   'Success',
										   '".$login_token."')") or die('Query failed: ' . mysql_error()); // Insert Successfull Login
										   
$database->database_query("UPDATE members SET status = 'Online', last_login = '".$login_date."' WHERE user_id = '".$user_id."'"); // Update Status And Last Login
										   

/* Redirect User To mysite.com Or To Their Custom Location */
if(isset($_POST['return_url']))
{ 
$return_url = $_POST['return_url']; 
} elseif(isset($_GET['return_url'])) { 
$return_url = $_GET['return_url']; 
} else { 
$return_url = ""; 
}
$return_url = urldecode($return_url);
$return_url = str_replace("&", "&", $return_url);
if($return_url == "") { $return_url = "http://mysite.com/index.php?action=user_home&token=$login_token"; }
header("location: $return_url");
}

}//End If

/* If Session Exists Then Redirec User To mysite.com */
if(isset($_COOKIE['loggedin']))
{
header("location: http://mysite.com/index.php?action=user_home&token=".base64_encode(rand())."");
}

?>

Link to comment
https://forums.phpfreaks.com/topic/100045-is-this-login-script-secure/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.