Jump to content


Photo

Login script help


  • Please log in to reply
2 replies to this topic

#1 master82

master82
  • Members
  • PipPipPip
  • Advanced Member
  • 182 posts

Posted 24 October 2006 - 01:22 PM

Hello - I've created a rather messy user authentication script that is used once a user fills out the login form...

<?php
//start sessions
session_start();
//Delete current sessions
if($_SESSION['userid']){
unset($_SESSION['userid']);
}
if($_SESSION['employ']){
unset($_SESSION['employ']);
}
//call connection data
include("db.php");
//check username field populated
if($_POST['user'] == "") {
die("No username entered");
}
//check password field populated
if($_POST['password'] == "") {
die("No password entered");
}
//convert password to md5
$securepass = md5($_POST['password']);
//check username matches password
$checkit = "SELECT userid FROM users WHERE username = '".$_POST['user']."' AND password = '$securepass'";
$result = mysql_query($checkit,$db) or die("Details incorrect");
while ($newArray = mysql_fetch_array($result)) {
$userid = $newArray['userid'];
$banned = $newArray['banned'];
}
//check if banned
if (mysql_num_rows($result) == 1) {
if ($banned > 0 ) {
die("You are currently banned for another $banned days");
}
//create session data
$_SESSION['userid'] = $userid;
$_SESSION['employ'] = 1;
//set ip
$ip = ($_SERVER['HTTP_X_FORWARDED_FOR'])
    ?  $_SERVER['HTTP_X_FORWARDED_FOR']
    :  $_SERVER['REMOTE_ADDR'];
//set session id
$sesid = session_id();
//update ip in user table
$updateip = mysql_query("Update users SET lastip = '$ip' WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//update last active in user table
$updateactive = mysql_query("Update users SET lastactive = unix_timestamp() WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//update session id in user table
$updatesid = mysql_query("Update users SET sessionid = '$sesid' WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//all checks complete - redirect
header("Location: home.php");
}
else
{
//fail - redirect back to login page
header("Location: index.php");
}
?>

Is there anything I could add to make it more secure or to prevent possible hacks or forced entry?

Thanks in advance

#2 Shad

Shad
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 24 October 2006 - 02:33 PM

try to use elseif, its faster and easier. Also, dont insert data straight from a post into the database, you can be easily SQL injected. for example,
$checkit = "SELECT userid FROM users WHERE username = '".$_POST['user']."' AND password = '$securepass'";
should be
$user = htmlspecialchars($_POST['user']);
$checkit = "SELECT userid FROM users WHERE username = '$user' AND password = '$securepass'";
[/code]

and for here:
$updateip = mysql_query("Update users SET lastip = '$ip' WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//update last active in user table
$updateactive = mysql_query("Update users SET lastactive = unix_timestamp() WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//update session id in user table
$updatesid = mysql_query("Update users SET sessionid = '$sesid' WHERE username = '".$_POST['user']."' AND password = '$securepass'");
//all checks complete - redirect

make it all in one:

$update = mysql_query("Update users SET lastip = '$ip',lastactive = unix_timestamp(),sessionid = '$sesid' WHERE username = '".$_POST['user']."' AND password = '$securepass'");


#3 alpine

alpine
  • Members
  • PipPipPip
  • Advanced Member
  • 756 posts
  • LocationNorway

Posted 24 October 2006 - 02:40 PM

Like this:

<?php

session_start();

if(isset($_SESSION['userid'])) $_SESSION['userid'] = null;
if(isset($_SESSION['employ'])) $_SESSION['employ'] = null;

include("db.php");

if(!empty($_POST['user']) || !empty($_POST['password']))
{
$username = htmlspecialchars($_POST['user']);
$securepass = md5($_POST['password']);
$checkit = mysql_query("SELECT userid,banned FROM users WHERE password = '$securepass' AND username = '$username'");
if(mysql_num_rows($checkit) <> 1)
{
  die("No valid user found");
}
else
{
$newArray = mysql_fetch_array($checkit);
$userid = $newArray['userid'];
$banned = $newArray['banned'];

if ($banned > 0 ) die("You are currently banned for another $banned days");

$_SESSION['userid'] = $userid;
$_SESSION['employ'] = 1;
$ip = ($_SERVER['HTTP_X_FORWARDED_FOR'])
    ?  $_SERVER['HTTP_X_FORWARDED_FOR']
    :  $_SERVER['REMOTE_ADDR'];
$sesid = session_id();
$update = mysql_query("
Update users SET lastip = '$ip',
lastactive = unix_timestamp(),
sessionid = '$sesid'
WHERE username = '$username' AND password = '$securepass'");
if($update)
{
header("Location: home.php");
exit();
}
else
{
die("Login failed to complete, try again");
}
}
}
else
{
header("Location: index.php");
}
?>






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users