
Can someone help with some PHP code?


morlets


Hi, I tried looking around to see if I can figure it out on my own, but I was just wondering if I can have someone double check a script I have. I am running an MMORPG game and I have an add-account PHP script which I want to make sure is secure.

 

I am not even sure if this is in the right section, but if anyone has any input I would greatly appreciate it.

 

Thanks for your time

 

<body bgcolor='FFFFFF'><font color='777777'><FONT FACE='Verdana'><FONT SIZE='1'>
<u><font face="Arial" size="1.5">Add an Account (BETA)</u><br>
<?php
include("script/config.php");
if ('submit')
    if (!eregi("^[a-zA-Z0-9]*$",$_POST['loginID'])) {
        echo "hack attempt 1 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
        exit;
    }
if (!eregi("^[a-zA-Z0-9]*$",$_POST['Password'])) {
    echo "hack attempt 3 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
    exit;
}
if (!eregi("^[a-zA-Z0-9]*$",$_POST['Password2'])) {
    echo "hack attempt 4 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
    exit;
}
if (strlen($_POST['loginID']) > 16) {
    echo "hack attempt 10 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
    exit;
}
if (strlen($_POST['Password']) > 16) {
    echo "hack attempt 12 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
    exit;
}
if (strlen($_POST['Password2']) > 16) {
    echo "hack attempt 13 by  ". $_SERVER['REMOTE_ADDR'] . "!!!!";
    exit;
}
$test = $_POST['test'];
if (isset($_POST['Create'])) {
    if ($_POST['loginID'] > ""  &&  $_POST['Password'] > ""  &&  $_POST['Password2'] > ""  &&  $_POST['question'] > ""  &&  $_POST['answer'] > ""  &&  $_POST['email'] > "" ) {
        $validchars = "abcdefghijklmnopqrstuvwxyz0123456789@";
        $valid = true;
        for ($i = 0; $i < strlen($_POST['loginID']); $i++) {
            if (strpos($validchars,strtolower(substr($_POST['loginID'],$i,1))) === false){
                $valid = false;
            }
        }

        for ($i = 0; $i < strlen($_POST['Password']); $i++) {
            if (strpos($validchars,strtolower(substr($_POST['Password'],$i,1))) === false){
                $valid = false;
            }
        }
        if ($_POST['Password'] != $_POST['Password2']){
            $valid=false;
        }
        if ($valid == true) {
            $query = "SELECT top 1 BillID FROM tblBillID WHERE BillID = '".$_POST['loginID']."'";
            $result = odbc_exec($conn,$query);
            if (( odbc_num_rows($result) > 0) || ( odbc_num_rows($result) == "-1")) {
                echo "<b>Account name in use.</b>";
                odbc_close($conn);
            } else {
                $accquery = "INSERT INTO tblBillID(BillID,Password,FreeDate,EMail,SecurityNum1,SecurityNum2,Note1,Note2) VALUES('".$_POST['loginID']."','".$_POST['Password']."','12.12.2151', '".$_POST['email']."', '6856', '145','".$_POST['question']."','".$_POST['answer']."')";
                $accresult = odbc_exec($conn,$accquery);
                odbc_close($conn);
                echo "<b>Account Has Been Added</b>";
                exit;
            }
        } else {
            echo "<b>You didn't fill out all the required fields.</b>";
        }
    } else {
        echo "<b>Please fill in all fields on the form.</b>";
    }
    echo "<br><br>";
}

?>

<script type="text/javascript">
<!--
var letters='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz '
var numbers='1234567890'
var custom='@.?'

function alpha(e,allow) {
var k;
k=document.all?parseInt(e.keyCode): parseInt(e.which);
return (allow.indexOf(String.fromCharCode(k))!=-1);
}
//form clear function
function clearDefault(el) {
  if (el.defaultValue==el.value) el.value = ""
}
// -->
</script>

			<form action="" method="post">

<br>
Game ID:<p>
<input name="loginID" type="text" maxlength="14" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">

<br><br>
Password:<p>
<input name="Password" type="password" maxlength="28" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">

<br><br>
Retype Password:<p>
<input name="Password2" type="password" width="100" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">

<br><br>
Email Address:<p>
<input name="email" type="text" maxlength="30" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">

<br><br>
Secrete Question:<p>
<input name="question" type="text" width="100" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">

<br><br>
Answer:<p>
<input name="answer" type="text" width="100" onkeypress="return alpha(event,letters+numbers+custom)" ONFOCUS="clearDefault(this)">


<br><p><br>
<td><input type="submit" name="Create" value="Add Account!"></td>
					</tr>
				</table>
			</form>
		</td>
	</tr>
</table>

 


What is "if ('submit')" supposed to do?  It probably should be something like "if ($_REQUEST['submit'])".  Or nothing at all.  Those validation checks will match empty strings.

 

Also there is no need to have that second check, the "$validchars = ..." one.  You can do that much more simply with an eregi, as you do at the top of the script.

 

For security from SQL injection, escaping the data using the appropriate database function is good enough.  In your case, as you have restricted the character set allowed in the variables used in the SQL, I think you are fine.

 

So the only problem I can see is that you have too much validation :P


Your eregi functions can be replaced with ctype_alnum() functions.

 

You should use md5() or some other encryption function for passwords. If you used md5(), validation for passwords would not be necessary.

 

I have never used ODBC, but I don't see any prepared statements, so I assume you shouldn't be inserting raw POST data into your queries?

 

You could use filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== False to check for valid emails if you're running PHP version >= 5.

 

e.g.


if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    echo "E-mail is not valid";
} else {
    echo "E-mail is valid";
}

 

There's no point in echoing 'hack attempt' back to the user. Especially since the checks have nothing to do with hacking, I would probably leave your website if I saw that...

 

You need to check for empty() post data or a lower end strlen.
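As an added example (not the original poster's script and not code from either reply), here is how the add-account handling looks once the points raised in the two replies above are applied together: a required-field check that rejects empty and whitespace-only values instead of `if ('submit')` and `> ""`, `ctype_alnum()` in place of `eregi()` (which accepts the empty string), `filter_var()` for the e-mail, a hashed password (this uses `password_hash()` rather than the `md5()` the reply mentions, since md5 is not a password hash), and `odbc_prepare()`/`odbc_execute()` so no POST data is ever concatenated into SQL. Table and column names are taken from the posted script; the password length policy, the `EMAIL_MAX` of 30 (the form's `maxlength`) and `$conn` being an ODBC connection resource from `odbc_connect()` are assumptions.

```php
<?php
// Added example, not from the thread. Assumes $conn is an ODBC connection
// resource (odbc_connect()) and the table/columns of the posted script.
declare(strict_types=1);

const LOGIN_MAX    = 16;  // the posted script's strlen() limit
const PASSWORD_MIN = 8;   // assumed policy; the original has no lower bound
const PASSWORD_MAX = 64;
const EMAIL_MAX    = 30;  // the form's maxlength

/** Validate the raw POST array. Returns error messages; empty means acceptable. */
function validateAccountInput(array $post): array
{
    $errors = [];
    foreach (['loginID', 'Password', 'Password2', 'question', 'answer', 'email'] as $field) {
        // is_string() rejects array-valued fields (name="loginID[]"); trim()
        // rejects whitespace-only values, which the original's `> ""` accepts.
        if (!isset($post[$field]) || !is_string($post[$field]) || trim($post[$field]) === '') {
            $errors[] = "Missing field: $field";
        }
    }
    if ($errors !== []) {
        return $errors;
    }

    $login = $post['loginID'];
    // ctype_alnum() replaces eregi("^[a-zA-Z0-9]*$") and, unlike it, is false for "".
    if (!ctype_alnum($login) || strlen($login) > LOGIN_MAX) {
        $errors[] = 'Login ID must be 1-' . LOGIN_MAX . ' letters or digits';
    }

    $pw = $post['Password'];
    // The password is stored hashed, so only a length range is enforced.
    if (strlen($pw) < PASSWORD_MIN || strlen($pw) > PASSWORD_MAX) {
        $errors[] = 'Password must be ' . PASSWORD_MIN . '-' . PASSWORD_MAX . ' characters';
    }
    if ($pw !== $post['Password2']) {
        $errors[] = 'Passwords do not match';
    }

    if (filter_var($post['email'], FILTER_VALIDATE_EMAIL) === false || strlen($post['email']) > EMAIL_MAX) {
        $errors[] = 'E-mail address is not valid';
    }

    foreach (['question', 'answer'] as $field) {
        $v = $post[$field];
        if (strlen($v) > 255) {
            $errors[] = ucfirst($field) . ' is too long';
        }
        // odbc_execute() treats a parameter that both starts and ends with a
        // single quote as the name of a file to read, so refuse such values.
        if (strlen($v) > 1 && $v[0] === "'" && substr($v, -1) === "'") {
            $errors[] = ucfirst($field) . ' may not be wrapped in single quotes';
        }
    }
    return $errors;
}

/** Create the account with prepared statements; call validateAccountInput() first. */
function createAccount($conn, array $post): string   // 'created' | 'name-in-use' | 'error'
{
    $check = odbc_prepare($conn, 'SELECT BillID FROM tblBillID WHERE BillID = ?');
    if ($check === false || !odbc_execute($check, [$post['loginID']])) {
        return 'error';
    }
    // odbc_num_rows() returns -1 for SELECT with many drivers (the posted script
    // treats -1 as "in use"); fetching a row is the reliable test.
    if (odbc_fetch_row($check)) {
        return 'name-in-use';
    }
    odbc_free_result($check);

    $hash = password_hash($post['Password'], PASSWORD_DEFAULT);
    $insert = odbc_prepare(
        $conn,
        'INSERT INTO tblBillID (BillID, Password, FreeDate, EMail, SecurityNum1, SecurityNum2, Note1, Note2) '
        . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?)'
    );
    // The FreeDate/SecurityNum literals are the ones the posted script inserts.
    if ($insert === false || !odbc_execute($insert, [
        $post['loginID'], $hash, '12.12.2151', $post['email'], '6856', '145',
        $post['question'], $post['answer'],
    ])) {
        return 'error';
    }
    return 'created';
}

// Constructed sample input, checked without a database connection.
$good = ['loginID' => 'player1', 'Password' => 'correct horse', 'Password2' => 'correct horse',
         'question' => 'first pet', 'answer' => 'rex', 'email' => 'p1@example.com'];
var_dump(validateAccountInput($good));                              // array(0) {}
var_dump(validateAccountInput(['loginID' => ' '] + $good));         // Missing field: loginID
var_dump(validateAccountInput(['email' => 'not-an-address'] + $good));
```

Two things to check before deploying something like this: the `Password` column has to be wide enough for a `password_hash()` result (60 characters for bcrypt; 255 leaves room for other algorithms), and any error text that includes user input must go through `htmlspecialchars()` before it is echoed into the page.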


Hate to bring up this topic again, but I have a quick question. Is there a way to hash the passwords from this file?

 

Problem is I have this online MMORPG and it was being hosted by another person, but the person gave up on it because someone got into the database, so he gave me all the files and I am running it. I am using SQL Server 2000. I am looking to beef up the database, but I'm kind of lost as to where to start or where to go for help.

 

I figured if I put a hash on the passwords it would at least "slow" them down if they did get into the database.

 

Any input would GREATLY be of help.
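The question above is about an existing database whose `Password` column already holds plaintext, so hashing has two parts: a one-off pass over the stored rows, and a login check that understands both forms while the change rolls out. The following is an added example, not code from the thread; it assumes the posted script's `tblBillID.BillID` and `tblBillID.Password` columns, an ODBC connection `$conn` from `odbc_connect()`, and that the column has already been widened to hold a `password_hash()` result (60 characters for bcrypt).

```php
<?php
// Added example, not from the thread. Assumes $conn is an ODBC connection
// resource and the tblBillID(BillID, Password) columns of the posted script.
declare(strict_types=1);

/** True when $stored is a password_hash() result rather than a plaintext password. */
function isHashed(string $stored): bool
{
    return password_get_info($stored)['algoName'] !== 'unknown';
}

/**
 * One-off migration: hash every row that is still plaintext. Rows are read
 * first and updated afterwards, because many ODBC drivers refuse a second
 * statement while a result set is open. Safe to re-run; returns rows updated.
 */
function hashAllPlaintextPasswords($conn): int
{
    $res = odbc_exec($conn, 'SELECT BillID, Password FROM tblBillID');
    if ($res === false) {
        return 0;
    }
    $rows = [];
    while (odbc_fetch_row($res)) {
        $rows[] = [(string)odbc_result($res, 'BillID'), (string)odbc_result($res, 'Password')];
    }
    odbc_free_result($res);

    $update = odbc_prepare($conn, 'UPDATE tblBillID SET Password = ? WHERE BillID = ?');
    if ($update === false) {
        return 0;
    }
    $n = 0;
    foreach ($rows as [$id, $stored]) {
        if (isHashed($stored)) {
            continue;  // already migrated
        }
        if (odbc_execute($update, [password_hash($stored, PASSWORD_DEFAULT), $id])) {
            $n++;
        }
    }
    return $n;
}

/**
 * Login check usable during the transition: hashed rows go through
 * password_verify(); rows still in plaintext are compared directly and
 * replaced with a hash on the first successful login.
 */
function verifyLogin($conn, string $login, string $password): bool
{
    // Login IDs are alphanumeric in this system; this also keeps the value from
    // being mistaken for a quoted file name by odbc_execute().
    if (!ctype_alnum($login)) {
        return false;
    }
    $stmt = odbc_prepare($conn, 'SELECT Password FROM tblBillID WHERE BillID = ?');
    if ($stmt === false || !odbc_execute($stmt, [$login]) || !odbc_fetch_row($stmt)) {
        return false;
    }
    $stored = (string)odbc_result($stmt, 'Password');
    odbc_free_result($stmt);

    if (isHashed($stored)) {
        if (!password_verify($password, $stored)) {
            return false;
        }
        $upgrade = password_needs_rehash($stored, PASSWORD_DEFAULT);
    } else {
        if (!hash_equals($stored, $password)) {
            return false;
        }
        $upgrade = true;
    }
    if ($upgrade) {
        $update = odbc_prepare($conn, 'UPDATE tblBillID SET Password = ? WHERE BillID = ?');
        if ($update !== false) {
            odbc_execute($update, [password_hash($password, PASSWORD_DEFAULT), $login]);
        }
    }
    return true;
}

// Offline check of the hash helpers with a constructed password.
$h = password_hash('hunter2', PASSWORD_DEFAULT);
var_dump(isHashed('hunter2'));             // bool(false)
var_dump(isHashed($h));                    // bool(true)
var_dump(password_verify('hunter2', $h));  // bool(true)
var_dump(password_verify('HUNTER2', $h));  // bool(false)
```

Two caveats specific to this setup. If the game server itself (not the PHP site) authenticates players by reading `tblBillID.Password`, it has to be changed to verify against the hash before the migration runs, or every login breaks at once. And if the column is `CHAR(n)` rather than `VARCHAR`, SQL Server pads the value with trailing spaces, which makes `password_verify()` fail; change the column type or `rtrim()` the fetched hash.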
