MySQL Values are magically changing???

[yanjchan]

Hello.

Could someone please help me with this problem I've been having...

I put a value of a hashed password in a cookie and compare it in a value from a database.

In my initial checks during the login process, everything turns out OK. However, in my page to page authentication script, even though I have made sure to do the exact thing (after it didn't work the first time I directly copied and pasted). When comparing the hash values from the table requested in the first string, I get one identical to the correct one. However, in my page to page script, I get a completely different value.

 

The above was probably hard to follow (I'm not great at explaining things) So please look at the code

 

<?php

if ($_COOKIE['xsrf['.$_POST['i'].']'] != $_POST['xsrf'] || !isset($_COOKIE['xsrf['.$_POST['i'].']'])) {
$errors = "It appears you have been a victim of a browser attack! Please run a virus scan before continuing online activities.";
setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
header("Location: login.php?errors=$errors");
}
setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
require('authent.php');
$user = mysql_escape_string(htmlentities($_POST['username']));
$pass = mysql_escape_string(htmlentities($_POST['password']));

$passwordhash = hashPassword($pass);

if(table_exists("user_".$user, 's2zsl9rx_citizen')) {
	// Make a MySQL Connection
	require('c2db.php');
	mysql_select_db("s2zsl9rx_citizen") or die(mysql_error());

	$result = mysql_query("SELECT * FROM user_".$user."")
	or die(mysql_error());  

	$row = mysql_fetch_array( $result );

		if ($row['pass'] == $passwordhash) {
			$value = $user.','.$passwordhash.','.hashPassword(getip()).','.hashPassword($_SERVER['HTTP_USER_AGENT']);
			setcookie('citizeninfo', $value, time()+3600, '/citizen/', '.ch4n.net');
			mysql_close();
			header("Location: game.php");

		} else {
			$errors = 'Username and/or password are incorrect';
			mysql_close();
        		header("Location: login.php?errors=$errors");
		}


} else {
        $errors = 'Username and/or password are incorrect';
        header("Location: login.php?errors=$errors");
	}


?>

<?php

if ($_COOKIE['xsrf['.$_POST['i'].']'] != $_POST['xsrf'] || !isset($_COOKIE['xsrf['.$_POST['i'].']'])) {
$errors = "It appears you have been a victim of a browser attack! Please run a virus scan before continuing online activities.";
setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
header("Location: login.php?errors=$errors");
}
setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
require('authent.php');
$user = mysql_escape_string(htmlentities($_POST['username']));
$pass = mysql_escape_string(htmlentities($_POST['password']));

$passwordhash = hashPassword($pass);

if(table_exists("user_".$user, 's2zsl9rx_citizen')) {
	// Make a MySQL Connection
	require('c2db.php');
	mysql_select_db("s2zsl9rx_citizen") or die(mysql_error());

	$result = mysql_query("SELECT * FROM user_".$user."")
	or die(mysql_error());  

	$row = mysql_fetch_array( $result );

		if ($row['pass'] == $passwordhash) {
			$value = $user.','.$passwordhash.','.hashPassword(getip()).','.hashPassword($_SERVER['HTTP_USER_AGENT']);
			setcookie('citizeninfo', $value, time()+3600, '/citizen/', '.ch4n.net');
			mysql_close();
			header("Location: game.php");

		} else {
			$errors = 'Username and/or password are incorrect';
			mysql_close();
        		header("Location: login.php?errors=$errors");
		}


} else {
        $errors = 'Username and/or password are incorrect';
        header("Location: login.php?errors=$errors");
	}


?>

[.josh]

I see you setting a cookie with $hash as a value but I don't see where you are assigning anything to $hash.  I also see lots of setcookies but nowhere where you actually retrieve it. Is that in hashPassword() or an include?

[yanjchan]

That works perfectly find. It's merely deleting the value for the xsrf cookie set in a previous form.

[yanjchan]

Update: It appears that it's the same value being returned... every time.