yanjchan Posted December 25, 2009 Share Posted December 25, 2009 First of all, thanks for the generous help you guys have given me in the past on this forum. Second, I apologize in advance if my code is hard to read, most of it was done in a rush. Here goes: login.php <?php // create anti-csrf cookie value $hash = sha1(time().rand().strlen(rand())); $hash = substr($hash, 0, ; if (isset($_COOKIE['xsrf[0]'])) { $i = 0; while (isset($_COOKIE['xsrf['.$i.']'])) { $i++; } setcookie('xsrf['.$i.']', $hash, 0, '/citizen/', '.ch4n.net'); } else { setcookie('xsrf[0]', $hash, 0, '/citizen/', '.ch4n.net'); } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Citizen - Login</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link rel="stylesheet" href="default.css"> </head> <body> <div class="header"><?php include("menu.html"); ?></div> <div class="body"> <?php if (!empty($_GET['errors'])): ?> <ul> <li><?php print implode("</li>\n\t<li>", explode(';', $_GET['errors'])); ?></li> </ul> <?php endif; ?> <form name="login" action="login_process.php" method="POST"> <input type="hidden" name="xsrfi" value="<?php echo $i; ?>" /> <input type="hidden" name="xsrf" value="<?php echo $hash; ?>" /> <table cellpadding="1" cellspacing="1" id="login"> <tbody> <tr class="username"> <th>Username</th> <td><input type="text" id="username" name="username" maxlength="20" /><br /></td> </tr> <tr class="password"> <th>Password</th> <td><input type="password" id="password" name="password" maxlength="20" /></td> </tr> </tbody> </table> <input type="submit" name="submit" value="Login!" /> </form> </div> </body> </html> login_process.php <?php if ($_COOKIE['xsrf['.$_POST['xsrfi'].']'] !== $_POST['xsrf'] || !isset($_COOKIE['xsrf['.$_POST['xsrfi'].']'])): $errors = "It appears you have been a victim of a browser attack! Please run a virus scan before continuing online activities.;".$_COOKIE['xsrf['.$_POST['xsrfi'].']'].";".$_POST['xsrfi'].";".$_POST['xsrf']; setcookie('xsrf['.$_POST['xsrfi'].']', sha1($hash), time()-1, '/citizen/', '.ch4n.net'); header("Location: login.php?errors=$errors"); endif; setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net'); require('authent.php'); $user = mysql_escape_string(htmlentities($_POST['username'])); $pass = mysql_escape_string(htmlentities($_POST['password'])); $passwordhash = hashPassword($pass); if(table_exists("user_".$user, 's2zsl9rx_citizen')): // Make a MySQL Connection require('c2db.php'); mysql_select_db("s2zsl9rx_citizen") or die(mysql_error()); $result = mysql_query("SELECT * FROM user_$user WHERE type='001'") or die(mysql_error()); $row = mysql_fetch_assoc($result); if ($row['val'] == $passwordhash): $value = $user.','.$row['val'].','.hashPassword(getip()); setcookie('citizeninfo', $value, time()+3600, '/citizen/', 'ch4n.net'); mysql_close(); header("Location: game.php"); else: $errors = 'Username and/or password are incorrect'.$row['val']; mysql_close(); header("Location: login.php?errors=$errors"); endif; else: $errors = 'Username and/or password are incorrect'; header("Location: login.php?errors=$errors"); endif; ?> Any help at all would be very much appreciated. Link to comment https://forums.phpfreaks.com/topic/186351-my-xsrf-prevention-code-isnt-working/ Share on other sites More sharing options...
ignace Posted December 25, 2009 Share Posted December 25, 2009 Read this article by Chris Shiflett: http://shiflett.org/articles/cross-site-request-forgeries Link to comment https://forums.phpfreaks.com/topic/186351-my-xsrf-prevention-code-isnt-working/#findComment-984070 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.