dazzathedrummer Posted April 8, 2010 Share Posted April 8, 2010 Hi, I'm having some trouble with this login script, I thought it was ok until I noticed that after an unsucessful login, you are able to access the hidden content anyway!! For some reason the code is setting a cookie despite an unsuccessful login and should only set a cookie if the username is found in the DB. Also, for some reason, the password field is coming from the form and not the encrypted version. <?php $setcookie_username = setcookie(guard_member, $_POST['username'], $hour); $setcookie_pass = setcookie(guard_member_key, $_POST['pass'], $hour); // Connects to your Database mysql_connect("database.com", "user", "password") or die(mysql_error()); mysql_select_db("db") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['guard_member'])) //if there is one, it logs you in and directes you to the members page { $username = $_COOKIE['guard_member']; $pass = $_COOKIE['guard_member_key']; $check = mysql_query("SELECT * FROM users WHERE is_guard = '1' and username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: guard_admin.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE is_guard = '1' and username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('ooooooo sorry my friend, you\'re just not special enough to go there Click <a href="http://www.the-guards.org.uk">Here</a> to get back to where you belong. <br> ...You could try registering <a href="http://www.the-guards.org.uk/private/reg.php">here</a>, but even then I doubt you\'ll be given access to the private/secret/special admin area - only actual Guards alowd in y\'see, sorry about that. <br> Well anyway, its been nice talking to you - it gets a bit lonely here, guarding the Guards admin area, they dont even pay me y\'know and they make me listen to their music all day, god its depressing.'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 2592000; $setcookie_username; $setcookie_pass; //then redirect them to the members area header("Location: guard_admin.php"); } } } else { // if they are not logged in ?> <head> </head> <body> </body> </html> I'm beginning to think I should start again haha. Link to comment https://forums.phpfreaks.com/topic/197947-can-anyone-spot-the-error-in-this-login-script/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.