Jump to content

Is my script secure?


Etherwood

Recommended Posts

I have had a look through the hotscript directory for a script which is suitable for my requirements. Unfortunately I wasn't able to find one so I'm having to create my own from scratch. So far I have got the register.php and login.php scripts done. I would like someone to have a look and tell me if the scripts I have made is considered secure. The information being held on the server needs to be as secure as possible.

 

register.php

<?php
session_start();
include("config.php");
include("inc.php");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta name="Description" content="" />
<meta name="Keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="Robots" content="index,follow" />
<link rel="stylesheet" href="style.css" type="text/css" />
<title>Registration</title>
</head>

<?php
include('header.php');
include('leftbar.php');
include('rightbar.php');
?>

<div id="main">
<a name="TemplateInfo"></a>
<h1>Register New User</h1>

<?php
if (isset($_POST['submit'])) {
  // Form Submitted
  require_once('recaptchalib.php');
  $privatekey = "";
  $resp = recaptcha_check_answer ($privatekey,
  $_SERVER["REMOTE_ADDR"],
  $_POST["recaptcha_challenge_field"],
  $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again.");
  } else {

    // ReCaptcha Code Entered Correct
    // Validate Username
    if ($_POST['username'] != "") {
      $username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
      if ($username == "") {
        $errors .= 'Please enter a valid username.<br/><br/>';
      }
    } else {
      $errors .= 'Please enter your a username.<br/>';
    }

   // Validate Password
    if ($_POST['password'] != "") {
      $password = md5($_POST['password']);
    } else {
      $errors .= 'Please enter your a password.<br/>';
    }

   // Validate Name
    if ($_POST['name'] != "") {   
      $name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);   
      if ($name == "") {   
        $errors .= 'Please enter a valid name.<br/><br/>';   
      }   
    } else {   
      $errors .= 'Please enter your a name.<br/>';   
    }

    if ($_POST['email'] != "") {
      $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
      if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $errors .= "$email is <strong>NOT</strong> a valid email address.<br/><br/>";
      }
    } else {
      $errors .= 'Please enter your email address.<br/>';
    }

    // Check For Errors
    if (!$errors) {
      $query=mysql_query("select * from user where username like '$username'") or die(mysql_error());
      if(mysql_num_rows($query)==0){
        @mysql_query("insert into user (username, password, name, email, date) values('$username','$password','$name','$email', NOW())");
        echo "Thank you, Your account has been created.";
      } else {
        echo '<div style="color: red">That username has already been taken, Please go back and try another.</div>';
      }
    } else {
      echo '<div style="color: red">' . $errors . '<br/></div>';
    }
  }
} else {
  // Form Not Submitted
?>

<form name="regitser" action="register.php" method="post">
Username: *<br /><input type="text" name="username" size="35" /><br />
Password: *<br /><input type="text" name="password" size="35" /><Br /><br />
Name: <br /><input type="text" name="name" size="35" /><br />
Email: *<br /><input type="text" name="email" size="35" /><br />
<input type="hidden" name="regform" value="1" /><br />

<?php 
  require_once('recaptchalib.php');
  $publickey = ""; // you got this from the signup page
  echo recaptcha_get_html($publickey);
?>
<br />
<input type="submit" name="submit" value="Register" />
</form>

<?php
}
?>

</div>

<?php
include('footer.php');
include ('endhtml.php');
?>

 

 

login.php

<?php
session_start();
include("config.php");
include("inc.php");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta name="Description" content="" />
<meta name="Keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="Robots" content="index,follow" />
<link rel="stylesheet" href="" type="text/css" />
<title>Login</title>
</head>

<?php
include('header.php');
include('leftbar.php');
include('rightbar.php');
?>

<div id="main">
<a name="TemplateInfo"></a>
<h1>Login</h1>

<?php
if (isset($_POST['Submit'])) {
  require_once('recaptchalib.php');
  $privatekey = "";
  $resp = recaptcha_check_answer ($privatekey,
  $_SERVER["REMOTE_ADDR"],
  $_POST["recaptcha_challenge_field"],
  $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
    "(reCAPTCHA said: " . $resp->error . ")");
  } else {

    // ReCaptcha Code Entered Correct
    // Validate Username
    if ($_POST['username'] != "") {
      $username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
      if ($username == "") {
        $errors .= 'Please enter a valid username.<br/><br/>';
      }
    } else {
      $errors .= 'Please enter your a username.<br/>';
    }

    // Validate Password
    if ($_POST['password'] != "") {
      $password = md5($_POST['password']);
    } else {
      $errors .= 'Please enter your a password.<br/>';
    }

    // Check For Errors
    if (!$errors) {
      $query = mysql_query("select * from user where username='$username'") or die(mysql_error());
      $rows = mysql_fetch_array($query);
      if(($rows["username"] == $username) && ($rows["password"] == $password)) {
        $_SESSION['user'] = $username;
        echo "Login sucessful";
      } else {
        echo "Login failed";
      }
    } else {
      echo '<div style="color: red">' . $errors . '<br/></div>';
    }
  }
} else {
?>

<form name="login" action="login.php" method="post">
Username: <br /><input type="text" name="username" size="35" /><br />
Password: <br /><input type="text" name="password" size="35" /><Br /><br />

<?php 
require_once('recaptchalib.php');
$publickey = ""; // you got this from the signup page
echo recaptcha_get_html($publickey);
?>

<br />
<input type="submit" name="Submit" value="Login" />
</form>

<?php
}
?>

</div>

<?php
include ('footer.php');
include ('endhtml.php');
?>

 

Thank you for your help.

Link to comment
Share on other sites

  • 2 months later...
  • 4 weeks later...
    } else {     

    $errors .= 'Please enter your a username.<br/>';   

}

 

Other than some minor grammar errors, It looks to be alright. Although trusting sanitizing to filter_var isn't standard practise, It should hold as long as it strips/slashes quotes.

Link to comment
Share on other sites

  • 2 weeks later...
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.