sasori Posted September 19, 2008 Share Posted September 19, 2008 i have these 3 scripts //loginform.php <?php if(isset($message)) { echo "$message"; } echo "<form action='$_SERVER[php_SELF]' method='POST'>"; echo "<label for='user_name'>username</label>"; echo "<input type='text' name='user_name' id='user_name' value='$user_name' />"; echo "<label for='password'>password</label>"; echo "<input type='text' name='password' id='password' value='$password' />"; echo "<input type='hidden' name='sent' value='yes' />"; echo "<input type='submit' value='Log in' />"; ?> //login.php <?php if(isset($_POST['sent']) && $_POST['sent'] == "yes") { foreach($_POST as $field => $value) { if(empty($value)) { $blank_array[] = $field; } else { $good_value[$field] = strip_tags(trim($value)); } } //end foreach if(sizeof($blank_array) > 0 ) { echo " you need to enter both userid and password"; extract($good_value); extract($blank_array); include('loginform.php'); exit(); } //end if blanks found include('db.php'); $cxn = mysqli_connect($host,$user,$pwd,$db) or die ("can't connect to db"); $query = "SELECT userid FROM users WHERE userid='$_POST[user_name]' AND pwd=md5('$_POST[password]')"; $result = mysqli_query($cxn,$query) or die("can't execute query"); $n_row = mysqli_num_rows($result); if($n_row < 1) { $message = "User id and password not found!"; extract($_POST); exit(); } else { $row = mysqli_fetch_assoc($result); extract($row); header("Location: http://localhost/webapp/logingreet.php?user_name=$row[userid]"); } } //end submit else { $user_name = ""; $password = ""; include("loginform.php"); } ?> <?php echo "Hello,{$_GET['user_name']}Welcome to the secret page"; ?> when i run the login.php and input a username and password that exist in the database, the logingreet.php just works fine..but i got alarmed when i tried to insert a username on the URL of the logingreet.php?user_name= that doesn't exist in the db..and it worked ..what should i do to fix this? Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/ Share on other sites More sharing options...
.josh Posted September 19, 2008 Share Posted September 19, 2008 What you should do is use session vars like I told you in your other thread. Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-645605 Share on other sites More sharing options...
sasori Posted September 21, 2008 Author Share Posted September 21, 2008 What you should do is use session vars like I told you in your other thread. i'll take note of that.. am not yet in the sessions stuff from the book am reading that's why i don't have any idea about it Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646764 Share on other sites More sharing options...
Adam Posted September 21, 2008 Share Posted September 21, 2008 <?php echo "Hello,{$_GET['user_name']}Welcome to the secret page"; ?> All you're doing here is outputting $_GET['user_name'], which is whatever they enter in the URL ? Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646768 Share on other sites More sharing options...
sasori Posted September 21, 2008 Author Share Posted September 21, 2008 what i wanted to happen was output a hello greeting to a username that exist in the database if it was logged in the form..but what it currently does is, it outputs the greeting even if you just type a username on the URL ..username doesn't exist in the database Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646769 Share on other sites More sharing options...
chronister Posted September 21, 2008 Share Posted September 21, 2008 Sessions are not that complicated. Here is a basic example of how they work Page1.php <?php session_start(); $_SESSION['var1'] = 'Banana'; $_SESSION['var2'] = 'Pear'; ?> <a href="page2.php">Go to Page 2</a> Page 2.php <?php session_start(); // this is actually a session continue .. $fruit1 = $_SESSION['var1']; $fruit2 = $_SESSION['var2']; echo 'My favorite fruits are the '.$fruit1.' and the '.$fruit2; ?> Page 2 should say My favorite fruits are the Banana and the Pear Sessions are fairly easy to understand and are really handy for storing information throughout a user session. Nate Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646770 Share on other sites More sharing options...
chronister Posted September 21, 2008 Share Posted September 21, 2008 what i wanted to happen was output a hello greeting to a username that exist in the database if it was logged in the form Then you should pull the information from the database and ensure the user exists before loading the page. Then use the database information to populate the greeting not the $_GET value. Nate Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646771 Share on other sites More sharing options...
Adam Posted September 21, 2008 Share Posted September 21, 2008 Yeah, building on what they've said... When you get to: $row = mysqli_fetch_assoc($result); extract($row); header("Location: http://localhost/webapp/logingreet.php?user_name=$row[userid]"); Use: $row = mysqli_fetch_assoc($result); $_SESSION['user_name'] = $row['user_name']; header("Location: http://localhost/webapp/logingreet.php"); Change the query to: $query = "SELECT * FROM users WHERE userid='$_POST[user_name]' AND pwd=md5('$_POST[password]')"; (note * .. which means select every field) Then on logingreet.php: <?php session_start(); if ( isset($_SESSION['user_name']) ) { echo "Hello,{$_SESSION['user_name']}Welcome to the secret page"; } else { echo "Not logged in!"; } ?> ... not forgetting session_start() at the start of each page. Hope that sheds a little more light on things?? Adam Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646775 Share on other sites More sharing options...
sasori Posted September 21, 2008 Author Share Posted September 21, 2008 Yeah, building on what they've said... When you get to: $row = mysqli_fetch_assoc($result); extract($row); header("Location: http://localhost/webapp/logingreet.php?user_name=$row[userid]"); Use: $row = mysqli_fetch_assoc($result); $_SESSION['user_name'] = $row['user_name']; header("Location: http://localhost/webapp/logingreet.php"); Change the query to: $query = "SELECT * FROM users WHERE userid='$_POST[user_name]' AND pwd=md5('$_POST[password]')"; (note * .. which means select every field) Then on logingreet.php: <?php session_start(); if ( isset($_SESSION['user_name']) ) { echo "Hello,{$_SESSION['user_name']}Welcome to the secret page"; } else { echo "Not logged in!"; } ?> ... not forgetting session_start() at the start of each page. Hope that sheds a little more light on things?? Adam clear as the mountain springs...thanks sir Quote Link to comment https://forums.phpfreaks.com/topic/124946-solved-login-security-help/#findComment-646776 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.