eerikk2 Posted March 14, 2010 Share Posted March 14, 2010 so i found a tutorial online on how to make a login form. I got it to work. However, i am trying to make it find usernames and passwords from a mysql database this is the tutorial http://www.phpjabbers.com/phpexample.php?eid=23 the first part of the tutorial is where it holds the usernames and passwords. I was wonder how can i make this find usernames and passwords from my mysql database this is my code <?php $con = mysql_connect("localhost", "root",""); if(!con){ die('Could not connect to Database: '. mysql_error()); } mysql_select_db("test", $con); $results=mysql_query ("SELECT * FROM users"); while ($row=mysql_fetch_array($results)){ $USERS ["".$row['username'].""] = $row['password']; } function check_logged(){ global $_SESSION, $USERS; if(!array_key_exists($_SESSION["logged"],$USERS)) { header("Location: index.php"); }; }; ?> Quote Link to comment Share on other sites More sharing options...
trq Posted March 14, 2010 Share Posted March 14, 2010 You should actually query the database for a matching record upon logging the user in. eg; $uname = mysql_real_escape_string($_POST['uname']); $upass = md5($_POST['upass']); $sql = "SELECT uname FROM users WHERE uname = '$uname' && upass = '$upass'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { // user found, log them in } else { // user not found } } else { // query failed } The logic you have posted doesn't make allot of sense. Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 14, 2010 Author Share Posted March 14, 2010 well see the problem is the $USERS is throughout the website to allow for log in if you see on the tutorial i used. I'm not sure how to change it to make more sense. Yes i agree it doesnt make much sense but i'm not sure how to make a login php form Quote Link to comment Share on other sites More sharing options...
trq Posted March 14, 2010 Share Posted March 14, 2010 I haven't looked at the tutorial, but given your description, I would drop it. Once a user is verified to exist, you simply store a flag within the $_SESSION array. eg; session_start(); $uname = mysql_real_escape_string($_POST['uname']); $upass = md5($_POST['upass']); $sql = "SELECT uname FROM users WHERE uname = '$uname' && upass = '$upass'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { $_SESSION['logged'] = true; } else { // user not found } } else { // query failed } You can then use this $_SESSION variable on any page to check if a user is logged in. session_start(); if (isset($_SESSION['logged'])) { // user is logged in } else { // user is not logged in } Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 15, 2010 Author Share Posted March 15, 2010 thank you for the help but can you explain the function of each section of the code so i can further my understanding Quote Link to comment Share on other sites More sharing options...
trq Posted March 15, 2010 Share Posted March 15, 2010 // Initialize session data session_start(); // clean user input and store it within variables for easy access. $uname = mysql_real_escape_string($_POST['uname']); // hash the inputted password. $upass = md5($_POST['upass']); // create a query that will search for a user matching the gievn name & password $sql = "SELECT uname FROM users WHERE uname = '$uname' && upass = '$upass'"; // execute the query. if ($result = mysql_query($sql)) { // check to see if any results where found if (mysql_num_rows($result)) { // we have a match. store the boolean true within the $_SESSION array. $_SESSION['logged'] = true; } else { // user not found } } else { // query failed } Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 i continually receive that the log in failed Quote Link to comment Share on other sites More sharing options...
trq Posted March 16, 2010 Share Posted March 16, 2010 Are you storing your passwords as md5 hashes? Quote Link to comment Share on other sites More sharing options...
LeadingWebDev Posted March 16, 2010 Share Posted March 16, 2010 its a big mistake to get user AND pass and check only mysql_num_rows as we know '1'='1' will always return true, in most cases post 1=1, etc... as login and password, query will return true, 1 row and you probably will pass login. i may explained it not soo well, but sorry for bad english $sql=mysql_query("SELECT * FROM users WHERE username='$username'"); if(mysql_num_row($sql) > 0) { $row=mysql_fetch_array($sql); if($password === $row['password']) { // Set session // redirect him } else { //error } } else { //wrong username or password (we know that user unexist, but won't show it) } in this example i also mean you info already protected and you not using register_globals=on as it is vulnerable too=) Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 Are you storing your passwords as md5 hashes? no im not i dont know how to do that so i just took that part out as for its a big mistake to get user AND pass and check only mysql_num_rows as we know '1'='1' will always return true, in most cases post 1=1, etc... as login and password, query will return true, 1 row and you probably will pass login. i may explained it not soo well, but sorry for bad english i dont get what you mean. if a user were to type in just a username they could get in? Quote Link to comment Share on other sites More sharing options...
LeadingWebDev Posted March 16, 2010 Share Posted March 16, 2010 Are you storing your passwords as md5 hashes? no im not i dont know how to do that so i just took that part out as for its a big mistake to get user AND pass and check only mysql_num_rows as we know '1'='1' will always return true, in most cases post 1=1, etc... as login and password, query will return true, 1 row and you probably will pass login. i may explained it not soo well, but sorry for bad english i dont get what you mean. if a user were to type in just a username they could get in? do that md5($var); hacker can specify information to pass login and get inside. expample: i know your username, i type your username and as password i specify 1=1, etc... and then password will be true) script will receive information and you logging in. Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 ok so i got md5($var); to work but what is the other guy talking about its a big mistake to get user AND pass and check only mysql_num_rows as we know '1'='1' will always return true, in most cases post 1=1, etc... as login and password, query will return true, 1 row and you probably will pass login. i may explained it not soo well, but sorry for bad english $sql=mysql_query("SELECT * FROM users WHERE username='$username'"); if(mysql_num_row($sql) > 0) { $row=mysql_fetch_array($sql); if($password === $row['password']) { // Set session // redirect him } else { //error } } else { //wrong username or password (we know that user unexist, but won't show it) } in this example i also mean you info already protected and you not using register_globals=on as it is vulnerable too=) Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 16, 2010 Share Posted March 16, 2010 Since the data being put into the query is being escaped (which it needs to be in all cases anyway), it is not possible to inject sql that would bypass the username/password check and this off track discussion about it is not relevant. Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 Since the data being put into the query is being escaped (which it needs to be in all cases anyway), it is not possible to inject sql that would bypass the username/password check and this off track discussion about it is not relevant. so what your saying is the login script will be safe as long as i have my password encrypted with md5? Quote Link to comment Share on other sites More sharing options...
trq Posted March 16, 2010 Share Posted March 16, 2010 ok so i got md5($var); to work but what is the other guy talking about LeadingWebDev is rambling. He was describing a possible sql injection. The data is however being escaped properly and is not subject to this vulnerability. Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 ok thank you, so my login should be safe. I appreciate your help. Oh and one more thing, how could i, if the password or username is wrong or if they left one blank, redirect them back to the login page with an error message rather than having them have to hit the back button Quote Link to comment Share on other sites More sharing options...
LeadingWebDev Posted March 16, 2010 Share Posted March 16, 2010 ok so i got md5($var); to work but what is the other guy talking about LeadingWebDev is rambling. He was describing a possible sql injection. The data is however being escaped properly and is not subject to this vulnerability. Right Quote Link to comment Share on other sites More sharing options...
trq Posted March 16, 2010 Share Posted March 16, 2010 A simple method is.... header('Location: http://yoursite.com/login.php?msg=Login%20failed'); Then, in login.php if (isset($_GET['msg'])) { echo $_GET['msg']; } Quote Link to comment Share on other sites More sharing options...
eerikk2 Posted March 16, 2010 Author Share Posted March 16, 2010 ok thank you very much. I appreciate all your help Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.