madk Posted May 20, 2008

This afternoon I tried to set up a simple single page login form. The username and password are pulled from an include file and not a db. Does anyone notice any faults?

Hosted here: http://www.mattkris.com/admin/admin_login.php
Username: test
Password: dummy

Thanks in advance.

```php
<?php
session_start();
include_once("../config.php");

// Setup defaults
$error = "";

if (isset($_POST['admin_name']) && isset($_POST['admin_pass'])) {
    if (empty($_POST['admin_name'])) {
        $error .= "Please enter a username.<br />";
    }
    if (empty($_POST['admin_pass'])) {
        $error .= "Please enter a password.<br />";
    }
    if (!empty($_POST['admin_name']) && !empty($_POST['admin_pass'])) {
        if ($_POST['admin_name'] != USER_NAME || $_POST['admin_pass'] != USER_PASS) {
            // If login details don't match
            $error .= "Login Error";
        } else {
            // Login matches, set session and forward
            // ($user was never defined; store the submitted username instead)
            $_SESSION['username'] = $_POST['admin_name'];
            $url = 'Location:' . SITE_URL . 'admin/index.php';
            header($url);
            exit;
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title><?php echo SITE_NAME; ?> - Admin Menu</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="style.css" />
<script type="text/javascript">
function focusit() {
    document.getElementById('admin_name').focus();
}
window.onload = focusit;
</script>
</head>
<body>
<div style="padding-top: 100px">
<form name="login" action="admin_login.php" method="post">
<?php if (!empty($error)) { ?>
<div class="notice">
<?php echo $error; ?>
</div>
<?php } ?>
<table class="login" cellspacing="0" cellpadding="5">
<tr bgcolor="#808080">
    <td style="color:#FFFFFF"><b>Admin Login</b></td>
    <td></td>
    <td></td>
</tr>
<tr>
    <td rowspan="3"></td>
    <td>Username<br /></td>
    <td><input type="text" id="admin_name" name="admin_name" value="" /></td>
</tr>
<tr>
    <td>Password</td>
    <td><input type="password" id="admin_pass" name="admin_pass" value="" /></td>
</tr>
<tr>
    <td><input type="hidden" name="e" value="0" /></td>
    <td><input type="submit" name="submit" value="Log In" /></td>
</tr>
</table>
</form>
</div>
</body>
</html>
```

947740 Posted May 20, 2008

Looks and tested fine.

smc Posted May 21, 2008

I would be careful with hard coded passes. Off the bat I don't see anything immediately exploitable but I'm far from a premo-hacker.

947740 Posted May 21, 2008

If you do switch over to a database, you will want to use mysql_real_escape_string() to sanitize the user input.

kbh43dz_u Posted May 31, 2008

I would at least save the hash of the password - not in plain text. If somebody can access your webserver (through a security issue, misconfiguration or anything else) he can read the pass.

Kind regards

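The hashing suggestion above, as an added example that is not part of the thread or the poster's code: the include file holds a `password_hash()` hash instead of the plain password, the check uses `password_verify()` and `hash_equals()` in place of the loose `!=`, and the session ID is regenerated on login. `ADMIN_USER`, `ADMIN_PASS_HASH`, `check_login()`, `handle_login()` and the file name `login_check.php` are hypothetical, and the sample submissions are constructed.

```php
<?php
// Hypothetical stand-ins for USER_NAME / USER_PASS in the thread's config.php.
// In a real config, paste in a hash generated once offline, for example with:
//   php -r 'echo password_hash("dummy", PASSWORD_DEFAULT), PHP_EOL;'
define('ADMIN_USER', 'test');
// Hashed at load time here only so the example runs stand-alone.
define('ADMIN_PASS_HASH', password_hash('dummy', PASSWORD_DEFAULT));

// True only when both the username and the password match.
function check_login($name, $pass): bool
{
    // Reject arrays (admin_name[]=x) and missing fields outright.
    if (!is_string($name) || !is_string($pass)) {
        return false;
    }
    // hash_equals() is a timing-safe string comparison with no type juggling,
    // unlike the loose != used in the posted handler.
    $userOk = hash_equals(ADMIN_USER, $name);
    // password_verify() re-hashes $pass using the salt and cost stored in the hash.
    $passOk = password_verify($pass, ADMIN_PASS_HASH);
    // Both checks always run, so a wrong username costs the same as a wrong password.
    return $userOk && $passOk;
}

// Processes one form submission; returns true when the login is accepted.
function handle_login(array $post): bool
{
    if (!check_login($post['admin_name'] ?? null, $post['admin_pass'] ?? null)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // fresh session ID after login (session fixation)
    }
    $_SESSION['username'] = ADMIN_USER;
    return true;
}

// Constructed sample submissions; run from the CLI with: php login_check.php
$samples = [
    ['admin_name' => 'test', 'admin_pass' => 'dummy'],
    ['admin_name' => 'test', 'admin_pass' => 'wrong'],
    ['admin_name' => ['test'], 'admin_pass' => 'dummy'],
    ['admin_name' => 'test'],
];
foreach ($samples as $post) {
    echo json_encode($post), ' => ', handle_login($post) ? 'accepted' : 'rejected', PHP_EOL;
}
```

In the real page, `handle_login($_POST)` would run after `session_start()`, with the redirect sent only when it returns true.
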
juliston Posted June 3, 2008

seems working fine............