searls03 Posted August 7, 2011

OK, so I have been having a problem with tables being emptied. I want to know if there is a way, and how, I could make it so that if one table did get deleted, there is a backup it can pull login info from instead. Like I have table sessions, the main login table, and then there is sessions2... the secondary with all the same info as sessions, but it is the backup. So if sessions were empty, the code would then tell it to go to sessions2 and see if it were empty, and if not, it uses that to login... but if sessions were not empty, it would not have to use sessions2. Make sense?

```php
<?php
/*
Created By Adam Khoury @ www.flashbuilding.com (http://www.flashbuilding.com/)
-----------------------June 20, 2008-----------------------
*/
if ($_POST['Submit']) {
    //Connect to the database through our include
    include_once "connect_to_mysql_1.php";
    $username = stripslashes($_POST['username']);
    $username = strip_tags($username);
    $username = mysql_real_escape_string($username);
    $password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password2']); // filter everything but numbers and letters
    $password = md5($password);
    // Make query and then register all database data that -
    // cannot be changed by member into SESSION variables.
    // Data that you want member to be able to change -
    // should never be set into a SESSION variable.
    $sql = mysql_query("select * FROM sessions WHERE username='$username' AND password='$password'");
    $login_check = mysql_num_rows($sql);
    if ($login_check > 0) {
        while ($row = mysql_fetch_array($sql)) {
            // Get member ID into a session variable
            $id = $row["id"];
            session_register('id');
            $_SESSION['id'] = $id;
            // Get member username into a session variable
            $username = $row["username"];
            session_register('username');
            $_SESSION['username'] = $username;
            $name = $row["name"];
            session_register('name');
            $_SESSION['name'] = $name;
            // Get member userlevel into a session variable
            if ($_POST['username']) {
                // Separate variable, so the result set the while loop reads from is not overwritten
                $update = mysql_query("UPDATE sessions SET loggedin='1' where username='$username'") or die(mysql_error());
            } // close if post
            // Update last_log_date field for this member now
            // Print success message here if all went well then exit the script
        } // close while
    } else {
        // Print login failure message to the user and link them back to your login page
        print '<br /><br /><font color="#FF0000">Sorry, incorrect username or password, please try again! </font><br />';
    }
}
?>
```

Pikachu2000 Posted August 7, 2011

So you're getting hacked then? If someone is able to truncate/drop tables, they probably have all of the data already.

searls03 Posted August 7, 2011

No, it is not getting hacked. I have two websites where it happens at the exact same time. It only happens to my login data also. Is there a way to do what I asked?

searls03 Posted August 7, 2011

And even if they had the data, I would still like for people to login.

Pikachu2000 Posted August 7, 2011

Tables aren't just truncated for no reason. You need to find the cause and fix it, rather than mask the symptoms.

searls03 Posted August 7, 2011

idk why it is doing it. I think it is just a glitch or something in my webhost. I would like people to still be able to login, that way if I don't notice it, my inbox doesn't get flooded with emails. I check it about every month, but if it happens before or after I check it, people can still at least login. Please just tell me how I could do this if it is possible.

searls03 Posted August 7, 2011

Is there a way to monitor the table via PHP so that I could see exactly when it happens, and some data about what happened? But could you also tell me how to do what I asked like I said, in case I don't notice it, so I don't get flooded with emails.

searls03 Posted August 8, 2011

I still want members to be able to login to the site, that is why I need to do this. And is there a way I can monitor the dbase via PHP so that I can see exactly what is happening to it?

Pikachu2000 Posted August 8, 2011

To even allow the site to be online without figuring out why database tables are disappearing is absurd. Check all the logs (DB, Apache and php), isolate the problem, and fix it.

searls03 Posted August 8, 2011

It is not like it is a super duper secure site in the first place. Anything on it can be found in a phone book. Would someone please just answer my question instead of telling me how absurd I am for letting the site stay online. I am trying to find the issue and fix it, but at the same time I want people to be able to login to the site. I don't want it to be down for another month till it happens again or until I find the problem.

Pikachu2000 Posted August 8, 2011

Username/password pairs aren't in phone books. You're doing a disservice to the people who've created accounts on your site, so no, I won't help you allow it to continue unabated and I hope nobody else will either.

searls03 Posted August 8, 2011

All of those are md5 so that they are secure. They wouldn't get decrypted easily. Please just help. The site is not getting hacked, it is a problem with the mysql server, I talked to the webhost and they said it was.

premiso Posted August 8, 2011

searls03, the md5 alone is easy to crack with a rainbow table. That aside, as Pikachu2000 said. If your tables are being dropped that means somewhere in the script someone is doing a SQL inject. If you take a look at your APACHE Logs (if on Linux /var/log/apache2/access.log) you can see what GET data people are sending which may lead you to the problem script that someone is SQL Injecting. Looking at the code you posted, the problem does not lie within that code. So check your logs and stop getting hung up on other random shit acting like you are the victim. We can only help someone to a point where they actually listen to the help being given.

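The access-log check described in the post above, as an added example that is not part of the original thread: it reads Apache "combined" format lines, decodes each query string and flags the ones containing SQL syntax. The log lines are constructed samples and the patterns are heuristics chosen for this sketch; POST bodies never appear in the access log, so a clean result does not rule out injection through a form.

```php
<?php
// Added example: flag access-log requests whose query string looks like SQL injection.
// The log lines are constructed samples in Apache "combined" format.
$sampleLog = <<<'LOG'
203.0.113.7 - - [07/Aug/2011:03:14:07 +0000] "GET /profile.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [07/Aug/2011:03:14:09 +0000] "GET /profile.php?id=12%3B%20TRUNCATE%20TABLE%20sessions HTTP/1.1" 200 312 "-" "Mozilla/5.0"
198.51.100.4 - - [07/Aug/2011:03:15:30 +0000] "GET /news.php?cat=1%20OR%201%3D1 HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
198.51.100.4 - - [07/Aug/2011:03:16:02 +0000] "GET /search.php?q=drop+shipping+rates HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
LOG;

// Heuristics only: each pattern names SQL syntax that rarely belongs in a URL parameter.
$patterns = [
    'stacked statement' => '/;\s*(truncate|drop|delete|update|insert)\b/i',
    'tautology'         => '/\b(or|and)\s+[\'"]?(\d+)[\'"]?\s*=\s*[\'"]?\2\b/i',
    'union select'      => '/\bunion\s+(all\s+)?select\b/i',
    'destructive verb'  => '/\b(truncate\s+table|drop\s+table|delete\s+from)\b/i',
];

function scanAccessLog(string $log, array $patterns): array
{
    $findings = [];
    foreach (preg_split('/\R/', trim($log)) as $lineNo => $line) {
        // Client IP first, timestamp in [], request line in the first quoted field.
        if (!preg_match('/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*"/', $line, $m)) {
            continue; // not a request line in the expected format
        }
        $query = parse_url($m[4], PHP_URL_QUERY);
        if (!is_string($query) || $query === '') {
            continue;
        }
        // Decode twice to catch double-encoded values (%2527 -> %27 -> ').
        $decoded = urldecode(urldecode($query));
        $hits = array_keys(array_filter($patterns, fn($re) => preg_match($re, $decoded) === 1));
        if ($hits) {
            $findings[] = ['line' => $lineNo + 1, 'ip' => $m[1], 'time' => $m[2],
                           'path' => $m[4], 'query' => $decoded, 'hits' => $hits];
        }
    }
    return $findings;
}

foreach (scanAccessLog($sampleLog, $patterns) as $f) {
    printf("line %d  %s  [%s]  %s  <- %s\n", $f['line'], $f['ip'], $f['time'],
           $f['query'], implode(', ', $f['hits']));
}
```

On the sample input, lines 2 and 3 are reported and the "drop shipping" search on line 4 is not. The timestamps of any hits can then be compared with the time the tables were found empty.
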
searls03 Posted August 8, 2011

1, those logs are not accessible from my webhost. 2, tables are being emptied, not dropped. 3, I highly doubt that it is injection because I have a couple of sites and it happens at the exact same time on all of the sites. 4, the webhost said it was a mysql server issue.

TeNDoLLA Posted August 8, 2011

I really can't believe that a web host would have such a shitty service that it would empty people's mysql databases. As mentioned before, you are being SQL injected most likely. That does not mean if the tables are not dropped that you don't have SQL injection in your code. If your code makes injection possible, people can run _ANY_ SQL code they want, e.g. "DELETE * FROM table", which will empty the tables but not drop the tables. If it really is a hosting issue then I suggest you change your hosting company, because the current one is total crap.

PFMaBiSmAd Posted August 8, 2011

How do you know an existing DELETE query you have in your code on your site(s) is not deleting all the rows, either accidentally (logic error, no validation...) or through someone injecting a 1=1 in a Where condition? Also, if database tables are being emptied and you have and use a secondary table to log in visitors, that secondary table would also end up being emptied.

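Both points in the post above, as an added example that is not code from the thread: a DELETE built by string concatenation next to the same DELETE as a prepared statement, run against a main table and its backup. It assumes the pdo_sqlite extension (in-memory database), constructed rows, hypothetical function names, and a site that applies the same delete to both tables to keep them in sync.

```php
<?php
// Added example: concatenated DELETE vs. prepared DELETE on sessions and sessions2.
// In-memory SQLite through PDO; table contents are constructed for the demo.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

function seed(PDO $db): void
{
    foreach (['sessions', 'sessions2'] as $t) {
        $db->exec("DROP TABLE IF EXISTS $t");
        $db->exec("CREATE TABLE $t (id INTEGER PRIMARY KEY, username TEXT)");
        $db->exec("INSERT INTO $t (username) VALUES ('alice'), ('bob'), ('carol')");
    }
}

function countRows(PDO $db, string $table): int
{
    return (int) $db->query("SELECT COUNT(*) FROM $table")->fetchColumn();
}

// Vulnerable: the request value becomes part of the SQL text.
// ($table is always a fixed literal in this sketch, never request data.)
function deleteMemberUnsafe(PDO $db, string $table, string $id): void
{
    $db->exec("DELETE FROM $table WHERE id = $id");
}

// Hardened: the value is bound as data and cannot extend the WHERE clause.
function deleteMemberSafe(PDO $db, string $table, string $id): void
{
    $stmt = $db->prepare("DELETE FROM $table WHERE id = ?");
    $stmt->execute([$id]);
}

$input = '0 OR 1=1'; // the "1=1 in a Where condition" case from the post

seed($db);
deleteMemberUnsafe($db, 'sessions', $input);
deleteMemberUnsafe($db, 'sessions2', $input); // the backup sits behind the same code path
printf("concatenated: sessions=%d sessions2=%d\n",
       countRows($db, 'sessions'), countRows($db, 'sessions2'));

seed($db);
deleteMemberSafe($db, 'sessions', $input);
deleteMemberSafe($db, 'sessions2', $input);
printf("prepared:     sessions=%d sessions2=%d\n",
       countRows($db, 'sessions'), countRows($db, 'sessions2'));
```

The concatenated version leaves 0 rows in both tables and the prepared version leaves 3 in both, so a second table reached by the same query is emptied together with the first.
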
Philip Posted August 8, 2011

- IF your host is actually claiming it's a server issue, move away from them if they cannot fix it & use your backups.
- IF you're not doing backups, you better start doing so soon, otherwise next time this happens you'll be sitting in a puddle again.
- But as others have said, I'd imagine it is more of an injection. Injecting "; TRUNCATE TABLE table1; TRUNCATE TABLE table2; is more common than you think. Make your host give you the logs so you can verify that it is or is not an injection.

To answer your other question, no, it is not possible to monitor MySQL with just PHP. Unless you make them use your own function, you cannot log all the queries just with PHP.

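The "use your own function" approach from the post above, as an added example that is not part of the original thread: every script calls one wrapper instead of querying the database directly, and the wrapper writes an audit line before the statement runs. The name auditedQuery(), the log location and the sample table are assumptions for this sketch, and the demo uses an in-memory SQLite database through PDO (pdo_sqlite).

```php
<?php
// Added example: a single query function that logs each statement before running it.
// AUDIT_LOG is a placeholder path; on a real site keep it outside the web root.
define('AUDIT_LOG', sys_get_temp_dir() . '/query_audit.log');

function auditedQuery(PDO $db, string $sql, array $params = []): PDOStatement
{
    $caller = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 1)[0];
    $entry = [
        'time'   => date('c'),
        'caller' => basename($caller['file']) . ':' . $caller['line'],
        'ip'     => $_SERVER['REMOTE_ADDR'] ?? '-',
        'uri'    => $_SERVER['REQUEST_URI'] ?? '-',
        'sql'    => $sql,
        // Parameter count only: bound values may be passwords or personal data.
        'params' => count($params),
        // Coarse flag: TRUNCATE/DROP, or DELETE/UPDATE with no WHERE clause at all.
        'risky'  => (bool) preg_match(
            '/^\s*(truncate|drop)\b|^\s*(delete|update)\b(?!.*\bwhere\b)/is', $sql),
    ];
    file_put_contents(AUDIT_LOG, json_encode($entry) . "\n", FILE_APPEND | LOCK_EX);

    $stmt = $db->prepare($sql);
    $stmt->execute($params);
    return $stmt;
}

// Demo with constructed data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sessions (id INTEGER PRIMARY KEY, username TEXT, loggedin INTEGER)');

auditedQuery($db, 'INSERT INTO sessions (username, loggedin) VALUES (?, 0)', ['alice']);
auditedQuery($db, 'UPDATE sessions SET loggedin = 1 WHERE username = ?', ['alice']);
auditedQuery($db, 'DELETE FROM sessions'); // written to the log with "risky": true

echo file_get_contents(AUDIT_LOG);
```

The log only covers statements that go through the wrapper. A table that is emptied with no matching entry points at something outside the site's PHP code, such as another script, an admin tool or the host.
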