winnard2008 Posted September 22, 2008

Hi Guys,

For some reason my login script does not check the values in the database for a match and simply logs you in regardless of what you type in the username and password fields. Any help would be great. Here is the code:

```php
<?PHP
// Send nothing to the Web Browser until the Session_start() Line.

// Check if the form has been submitted.
if (isset($_POST['submitted'])) {

    require_once ('xxxxxxxxxx'); // Connect to the database.

    $errors = array(); // Initialise Error Array.

    // Check for a UserName.
    if(empty($_POST['UserName'])) {
        $errors[] = '<p>You forgot to enter a User Name.</p>';
    } else {
        $u = ($_POST['UserName']);
    }

    //Check for a Password.
    if (empty($_POST['Password'])) {
        $errors[] = '<p>You forgot to enter a Password</p>';
    } else {
        $p = ($_POST['Password']);
    }

    if (empty($errors)) { // If everything's OK.

        // Retrieve the UserID and UserName for login combination.
        $query = "SELECT UserID FROM Users WHERE UserName='$u' AND Password=SHA('$p')";
        $result = @mysql_query ($query);
        $row = mysql_fetch_array ($result, MYSQL_NUM);

        if ($row) { // A record was pulled from the database.

            //Start the session for this user.
            session_start();
            $_SESSION['UserID'] = $row[0];
            $_SESSION['UserName'] = $row[1];
        }

        //Redirect the user to the admin home panel.
        if (!headers_sent()) {
            header ('Location: index.html');
            exit(); // Quit the script.

        } else { // No record matched the query.
            $errors[] = 'The User Name and Password entered do not match our records.';
            $errors[] = mysql_error() . '<br /><br />Query: ' . $query;
        }
    }

    mysql_close(); // Close the database connection.

} else { // Form has not been submitted.
    $errors = NULL;
} // End of the main submit conditional.

// Begin the page.
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title></title>
<link href="css/styles2.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
<div id="header">
</div>
<div id="right_column">
<?PHP
if (!empty($errors)) { // Print any error messages.
    echo '<h1>Error!</h1>
    <p>The following error(s) occurred:<br />';
    foreach ($errors as $msg) {
        echo " - $msg<br />\n";
    }
    echo '</p><p>Please try again.</p>';
}
// Create the form.
?><br /><br />
<div align="center"><h2>Login</h2></div>
<form id="form" action="login.php" method="post">
<p>Username: <input type="text" name="UserName" size="10" maxlength="10" class="textarea" /></p><br />
<p>Password: <input type="password" name="Password" size="10" maxlength="10" class="password"/></p><br />
<p><input type="submit" name="submit" value="Login" class="button"/></p><br />
<input type="hidden" name="submitted" value="TRUE" />
</form>
</div>
```

Link to comment https://forums.phpfreaks.com/topic/125304-login-page-does-not-check-db-values/

Maq Posted September 22, 2008

Have you tried echoing out your values to make sure they're correct?

Brian W Posted September 22, 2008

```php
$row = mysql_fetch_array ($result, MYSQL_NUM);

if ($row) { // A record was pulled from the database.

    //Start the session for this user.
    session_start();
    $_SESSION['UserID'] = $row[0];
    $_SESSION['UserName'] = $row[1];
}
```

I think your problem is within these lines... but I can't put my finger on it. Troubleshoot please. Disable your redirect for a moment and echo $u, $p, $row[0], and $row[1]. If they are all working properly, then I'll keep looking into your code; otherwise maybe we can rework the syntax to get what you want.

winnard2008 Posted September 22, 2008

Hi, I am getting an error to do with the query. When I echo the stuff you wanted me to echo it was bringing up a query error and not displaying the things I echo'd out.

Maq Posted September 22, 2008

Try:

```php
$query = "SELECT UserID FROM Users WHERE UserName='" . $u . "' AND Password=SHA('" . $p . "')";
```

Brian W Posted September 22, 2008

Does the query error tell you anything? Like, does it have an excerpt from the syntax or the SQL? Can't think of whether it will or not, but worth asking. Anyway, try

```php
$query = "SELECT UserID FROM Users WHERE UserName='".$u."' AND Password='".SHA($p)."'";
```

LOL, or what the other guy beat me to. I didn't know you could SHA with SQL... let me know whose works (if either). That might actually do the trick... but I'm not that great at the whole SQL thing yet.

Maq Posted September 22, 2008

SHA($p)

What is SHA? A function or hard coded text?

Brian W Posted September 22, 2008

SHA is like md5() or whatever, it hashes the string like encrypting. SHA was developed by some government branch related to national security.

Maq Posted September 22, 2008

Well is it part of PHP?

winnard2008 Posted September 22, 2008

Hi Guys,

Thanks for all your efforts but whilst I have changed the query and I am getting no syntax errors, it still is logging me in under any username passwords. I must admit I am very new to PHP and knowing where to echo out the values and error reporting isn't my strongest point. Maybe you could guide in this area and I will be able to find out if there are errors anywhere else.

Cheers
Danny

Maq Posted September 22, 2008

Sure, for error reporting put this in. It will show errors only for the session.

```php
// Send nothing to the Web Browser until the Session_start() Line.

// Check if the form has been submitted.
error_reporting(E_ALL);
ini_set('error_reporting', E_ALL);
if (isset($_POST['submitted'])) {
```

Let us know what errors you get.

winnard2008 Posted September 22, 2008

I don't get a single error????????????? I think I am just going to re-write this code because I cannot understand what is wrong with it. When I log in, it directs to the index page. Even if the username and password are completely bogus. I really don't understand it.

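In the script posted at the top of the thread, the `header ('Location: index.html')` call sits after the closing brace of the `if ($row)` block and the `else` is paired with `if (!headers_sent())`, so the redirect runs whether or not a row matched. The following is an added example (not code from any poster in the thread) of a flow in which the redirect is reachable only on a match. It assumes PDO with an in-memory SQLite table, a `PasswordHash` column filled by `password_hash()` rather than the thread's `SHA()` column, and the hypothetical function names `authenticate` and `handleLogin`.

```php
<?php
declare(strict_types=1);

// Returns the UserID on a match, or null. PasswordHash is an assumed column
// holding password_hash() output, not the SHA() value used in the thread.
function authenticate(PDO $db, string $user, string $pass): ?int
{
    // Bound parameter: the user name is never spliced into the SQL text.
    $stmt = $db->prepare('SELECT UserID, PasswordHash FROM Users WHERE UserName = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['PasswordHash'])) {
        return null;
    }
    return (int) $row['UserID'];
}

// Decides the outcome of one form submission. The redirect target is set
// only in the success branch, so a failed lookup can never reach it.
function handleLogin(PDO $db, array $post): array
{
    $fail = ['redirect' => null, 'userId' => null];
    $user = trim((string) ($post['UserName'] ?? ''));
    $pass = (string) ($post['Password'] ?? '');
    if ($user === '' || $pass === '') {
        return $fail + ['errors' => ['User Name and Password are required.']];
    }
    $id = authenticate($db, $user, $pass);
    if ($id === null) {
        // Generic message only: no database error text or query in the page.
        return $fail + ['errors' => ['The User Name and Password entered do not match our records.']];
    }
    return ['redirect' => 'index.html', 'userId' => $id, 'errors' => []];
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Users (UserID INTEGER PRIMARY KEY, UserName TEXT UNIQUE, PasswordHash TEXT)');
$db->prepare('INSERT INTO Users (UserName, PasswordHash) VALUES (?, ?)')
   ->execute(['danny', password_hash('correct horse', PASSWORD_DEFAULT)]);

foreach ([['danny', 'correct horse'], ['danny', 'bogus'], ['nobody', 'bogus']] as [$u, $p]) {
    $r = handleLogin($db, ['UserName' => $u, 'Password' => $p]);
    echo $u, ' / ', $p, ' => ', $r['redirect'] ?? 'stay on login form', PHP_EOL;
}
```

In a real `login.php` the caller would, only when `redirect` is non-null, call `session_start()` and `session_regenerate_id(true)`, store the returned `userId` in `$_SESSION`, send the `Location` header and `exit()`.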