Penaf Posted March 15, 2010

Hello People, I'm not an expert programmer and I need all the help I can get to have this done the best way possible. I want to make the most secure possible login system and content submittal to a MySQL database. I rely on a file I called motor.php to do all the work with the DB, and here I need serious refactoring (I guess!) ... then I have a basic functions.php (from this file I only put here 1 function ... to get your opinion about it) and a connect.php. So ... if you guys can help me ... thanks A LOT!

functions.php

```php
<?php
// Escapes, strips tags, HTML-encodes and trims one input string.
function clean($string) {
    $string = addslashes($string);      // note: connect.php already ran mysql_real_escape_string() on $_POST/$_GET, so this adds a second layer of backslashes
    $string = strip_tags($string);
    $string = htmlspecialchars($string); // HTML-encodes before the value is stored, not at output time
    $string = trim($string);
    return $string;
}
?>
```

connect.php

```php
<?php
$host       = "localhost"; // default
$mysql_user = "XXX";       // mysql username
$mysql_pass = "XXX";       // mysql password
$mysql_db   = "XXX";       // mysql database

@mysql_connect($host, $mysql_user, $mysql_pass) or die("Could not connect to MySQL<br />" . mysql_error());
@mysql_select_db($mysql_db) or die("Could not connect to MySQL database $mysql_db"); // was $db, which is never set

// Protection against SQL injection for all POST and GET variables
foreach ($_POST as $key => $value) {
    $_POST[$key] = mysql_real_escape_string($value);
}
foreach ($_GET as $key => $value) {
    $_GET[$key] = mysql_real_escape_string($value);
}
?>
```

motor.php ... help needed here ... I always feel something is missing!
```php
<?php
ob_start();
require('connect.php');
include('functions.php');

// Which action to run; default to "" so an absent parameter does not raise a notice.
$act = isset($_GET['act']) ? $_GET['act'] : '';

if ($act == "adduser") {
    $user = clean($_POST['user']);
    $pass = md5(clean($_POST['pass']));   // unsalted md5 of the (already escaped) password
    $nome = clean($_POST['nome']);
    $sql  = "INSERT INTO users(user, pass, nome) VALUES('$user', '$pass', '$nome')";
    $result = mysql_query($sql);
    if ($result) {
        echo "Sucesso!";
        echo "<meta http-equiv='refresh' content='3;url=utilizadores.php'>";
    } else {
        echo " Insucesso!";
    }
    mysql_close();
} elseif ($act == "deluser") {
    $user = $_POST['user'];   // escaped by the loop in connect.php, but not passed through clean()
    $sql  = "DELETE FROM users WHERE user='$user'";
    $result = mysql_query($sql);
    if ($result) {
        echo "Sucesso!";
        echo "<meta http-equiv='refresh' content='3;url=utilizadores.php'>";
    } else {
        echo " Insucesso!";
    }
    mysql_close();
} elseif ($act == "loginerro" || $act == "logindel") {   // was: act == ..., missing the $
    setcookie("user", "erro", time() + 3600);
    echo "<meta http-equiv='refresh' content='3;url=utilizadores.php'>";
} elseif ($act == "authuser") {
    $user = clean($_POST['user']);
    $pass = md5(clean($_POST['pass']));
    $usercookie = $user;
    $sql = "SELECT * FROM `users` WHERE `user` = '$user' AND `pass` = '$pass' LIMIT 1";
    $result = mysql_query($sql);
    if (!mysql_num_rows($result)) {
        echo "Nome de utilizador ou password errados!";
        setcookie("user", "erro", time() + 3600);   // was the bare constant erro
        die();
    } else {
        echo "Login Válido";
        setcookie("user", $usercookie, time() + 3600);   // plain username in a client-side cookie; anything that trusts it can be fooled by editing the cookie
        echo "<meta http-equiv='refresh' content='3;url=utilizadores.php'>";
        $logdate = date("Y-m-d");
        $logtime = date("H:i:s");               // 24-hour clock; "h:i:s" gave ambiguous times without am/pm
        $logip   = $_SERVER['REMOTE_ADDR'];     // was $REMOTE_ADDR, which only works with register_globals
        $loghost = $_SERVER['HTTP_HOST'];
        $logentrada = mysql_query("INSERT INTO logentrada (loguser, logdate, logtime, logip, loghost) VALUES ('$user', '$logdate', '$logtime', '$logip', '$loghost')");
        if (!$logentrada) {
            die("Database error (logentrada): " . mysql_error());
        }
        mysql_close();
    }
} elseif ($act == "addcontent") {
    // These fields are only escaped by connect.php, not passed through clean()
    $titulo   = $_POST['titulo'];
    $conteudo = $_POST['conteudo'];
    $tipo     = $_POST['tipo'];
    $user     = $_POST['autor'];
    $imagem   = $_POST['imagem'];
    $data     = $_POST['data'];
    $hora     = $_POST['hora'];
    $sql = "INSERT INTO content(titulo, conteudo, tipo, autor, imagem, data, hora) VALUES('$titulo', '$conteudo', '$tipo', '$user', '$imagem', '$data', '$hora')";
    $result = mysql_query($sql);
    if ($result) {
        echo "Sucesso!";
        echo "<meta http-equiv='refresh' content='3;url=utilizadores.php'>";
    } else {
        echo " Insucesso!";
    }
    mysql_close();
} elseif (empty($act)) {
    echo "Não há nada aqui para ver!";
}
ob_flush();
?>
```

https://forums.phpfreaks.com/topic/195320-help-needed-with-login-script/
Wolphie Posted March 15, 2010

```php
<?php
// Undoes the slashes PHP adds under magic_quotes_gpc, strips tags, HTML-encodes,
// trims, and finally escapes the string for use inside a MySQL query.
function sanitize($input) {
    if (get_magic_quotes_gpc()) {        // was magic_quotes_gpc(), which does not exist
        $input = stripslashes($input);   // remove the automatic slashes so they are not escaped twice
    }
    // was inside an else branch, so nothing below ran when magic quotes were on
    $input = strip_tags($input);
    $input = htmlspecialchars($input);
    $input = trim($input);
    return mysql_real_escape_string($input);
}
?>
```

That's generally what I use to completely sanitise a string.
Penaf Posted March 15, 2010 (Author)

Seems nice Wolphie ... but is it better?
Wolphie Posted March 15, 2010

Yes, since with my code you're checking to see if magic_quotes_gpc() is enabled, and if so removing the slashes. I'm also using mysql_real_escape_string() to escape any possible malicious code.
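An added example, not code from the thread: the adduser/authuser branches of motor.php and Wolphie's sanitize() both try to make a string safe before it is pasted into the SQL text. Binding the values as parameters removes that step entirely, and password_hash()/password_verify() replace md5(). It assumes PHP with PDO and the pdo_sqlite driver (an in-memory SQLite table with the thread's users columns), and the DSN is a placeholder for the real MySQL one.

```php
<?php
// Added example, not code from the thread. Same users table as motor.php, but the
// values are bound as parameters, so neither clean()/addslashes() nor the
// mysql_real_escape_string() loop in connect.php is needed for query safety.
// Assumes PHP with PDO; uses an in-memory SQLite DB so it runs without MySQL.
// Against the real DB the DSN would be "mysql:host=localhost;dbname=XXX;charset=utf8mb4".
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,  // real prepares where the driver supports them
]);
$pdo->exec('CREATE TABLE users (user TEXT PRIMARY KEY, pass TEXT NOT NULL, nome TEXT)');

// adduser: store a salted, slow password hash instead of md5($pass).
function add_user(PDO $pdo, string $user, string $pass, string $nome): bool
{
    $st = $pdo->prepare('INSERT INTO users (user, pass, nome) VALUES (:user, :pass, :nome)');
    return $st->execute([
        ':user' => $user,
        ':pass' => password_hash($pass, PASSWORD_DEFAULT),
        ':nome' => $nome,   // stored raw; escape for HTML at output time, not here
    ]);
}

// authuser: fetch by username only, then compare the hash in PHP. A username
// such as ' OR '1'='1 is bound as a literal string and simply matches no row.
function auth_user(PDO $pdo, string $user, string $pass): bool
{
    $st = $pdo->prepare('SELECT pass FROM users WHERE user = :user LIMIT 1');
    $st->execute([':user' => $user]);
    $hash = $st->fetchColumn();
    return $hash !== false && password_verify($pass, $hash);
}

// Output-side escaping, the job htmlspecialchars() in clean() was doing too early.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed demo data. The name contains a quote and a tag on purpose.
add_user($pdo, 'penaf', 'correct horse', "O'Brien <b>");
var_dump(auth_user($pdo, 'penaf', 'correct horse'));   // good credentials
var_dump(auth_user($pdo, 'penaf', 'wrong password'));  // bad password
var_dump(auth_user($pdo, "' OR '1'='1", 'anything'));  // injection-style username, no match
echo h("O'Brien <b>"), "\n";                             // safe to put in an HTML page
// On success, record the login in $_SESSION after session_start() rather than in a
// plain "user" cookie, which the browser can rewrite to any username.
```

Run it with the php CLI; only the first auth_user() call succeeds, and the stored name keeps its quote and tag intact until h() encodes it for the page.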