Drumlegend Posted February 11, 2013

I have been working on an application for a university project and I have somehow managed to break my code and I have no idea what I have done to break it. I have created a registration and log in script which used to work but I can no longer login with the registered details. I could really use some help on this so I don't spend hours ripping my hair out. I have attached an image of my user database.

Code for registration

```php
<?php
include 'PasswordHash.php';

$sql = new mysqli('localhost', '****', '****', '****');

// Create an array to catch any errors in the registration form.
$errors = array();

/**
 * Make sure the form has been submitted before trying to process it. This is
 * single most common cause of 'undefined index' notices.
 */
if (!empty($_POST))
{
    // First check that required fields have been filled in.
    if (empty($_POST['username']))
    {
        $errors['username'] = "Username cannot be empty.";
    }

    // Restrict usernames to alphanumeric plus space, dot, dash, and underscore.
    /*
    if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username']))
    {
        $errors['username'] = "Username contains illegal characters.";
    }
    */

    if (empty($_POST['firstname']))
    {
        $errors['firstname'] = "First Name cannot be empty.";
    }

    if (empty($_POST['surname']))
    {
        $errors['surname'] = "Surname cannot be empty.";
    }

    if (empty($_POST['password']))
    {
        $errors['password'] = "Password cannot be empty.";
    }

    if (strlen($_POST['password']) < 8)
    {
        $errors['password'] = "Password must be at least 8 characters.";
    }

    // Force passwords to contain at least one number and one special character.
    /*
    if (!preg_match('/[0-9]/', $_POST['password']))
    {
        $errors['password'] = "Password must contain at least one number.";
    }

    if (!preg_match('/[\W]/', $_POST['password']))
    {
        $errors['password'] = "Password must contain at least one special character.";
    }
    */

    if (empty($_POST['password_confirm']))
    {
        $errors['password_confirm'] = "Please confirm password.";
    }

    if ($_POST['password'] != $_POST['password_confirm'])
    {
        $errors['password'] = "Passwords do not match.";
    }

    $email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
    if (!$email)
    {
        $errors['email'] = "Not a valid email address.";
    }

    /**
     * Escape the data we're going to use in our query. Never trust user input.
     */
    $username     = $sql->real_escape_string($_POST['username']);
    $email        = $sql->real_escape_string($email);
    $firstname    = $sql->real_escape_string($_POST['firstname']);
    $surname      = $sql->real_escape_string($_POST['surname']);
    $addressline1 = $sql->real_escape_string($_POST['addressline1']);
    $addressline2 = $sql->real_escape_string($_POST['addressline2']);
    $city         = $sql->real_escape_string($_POST['city']);
    $county       = $sql->real_escape_string($_POST['county']);
    $postcode     = $sql->real_escape_string($_POST['postcode']);

    /**
     * Check that the username and email aren't already in our database.
     *
     * Note also the absence of SELECT *
     */
    $query  = "SELECT username, email
               FROM users
               WHERE username = '{$username}' OR email = '{$email}'";
    $result = $sql->query($query);

    /**
     * There may well be more than one point of failure, but all we really need
     * is the first one.
     */
    $existing = $result->fetch_object();

    if ($existing)
    {
        if ($existing->username == $_POST['username'])
        {
            $errors['username'] = "That username is already in use.";
        }

        if ($existing->email == $email)
        {
            $errors['email'] = "That email address is already in use.";
        }
    }
}

if (!empty($_POST) && empty($errors))
{
    /**
     * Hash password before storing in database
     */
    $hasher   = new PasswordHash(8, FALSE);
    $password = $hasher->HashPassword($_POST['password']);

    $query = "INSERT INTO users (firstname, surname, username, email, password, addressline1, addressline2, city, county, postcode, created)
              VALUES ('{$firstname}','{$surname}','{$username}','{$email}', '{$password}','{$addressline1}','{$addressline2}','{$city}','{$county}','{$postcode}', NOW())";

    $success = $sql->query($query);

    if ($success)
    {
        $message = "Account created.";
    }
    else
    {
        $errors['registration'] = "Account could not be created. Please try again later.";
    }
}
?>
```

Login Code

```php
<?php
session_start();

// If the user is already logged in then redirect them to homepage
if (isset($_SESSION['user_id']))
{
    exit();
}

include 'PasswordHash.php';

$sql = new mysqli('localhost', '****', '****', '****');

$hasher = new PasswordHash(8, FALSE);

if (!empty($_POST))
{
    // Again, never trust user input!
    $user = $sql->real_escape_string($_POST['username']);

    $query = "SELECT id, password, username, UNIX_TIMESTAMP(created) AS salt
              FROM users
              WHERE username = '{$username}'";
    $user = $sql->query($query)->fetch_object();

    /**
     * Check that the query returned a result (otherwise user doesn't exist)
     * and that provided password is correct.
     */
    if ($user && $user->password == $hasher->CheckPassword($_POST['password'], $user->password))
    {
        /**
         * Set cookies here if/as needed.
         * Set session data as needed. DO NOT store user's password in
         * cookies or sessions!
         * Redirect the user if/as required.
         */
        session_regenerate_id();
        $_SESSION['user_id']       = $user->id;
        $_SESSION['username']      = $user->username;
        $_SESSION['authenticated'] = TRUE;
        $_SESSION['signature']     = md5($user->id . $_SERVER['HTTP_USER_AGENT'] . $user->salt);
        header('Location:../login.php');
    }
    /**
     * Don't provide specific details as to whether username or password was
     * incorrect. If an attacker knows they've found a valid username, you've
     * just made their life easier.
     */
    else
    {
        $error = "Login failed.";
    }
}
?>
```

Thank you in advance and I'm sorry for the amount of code. Some of the code I used was from tutorials, as I am new to php.

requinix Posted February 11, 2013

```php
// Again, never trust user input!
$user = $sql->real_escape_string($_POST['username']);

$query = "SELECT id, password, username, UNIX_TIMESTAMP(created) AS salt
          FROM users
          WHERE username = '{$username}'";
```

Variable mismatch.

Drumlegend (Author) Posted February 12, 2013

> // Again, never trust user input!
> $user = $sql->real_escape_string($_POST['username']);
> $query = "SELECT id, password, username, UNIX_TIMESTAMP(created) AS salt FROM users WHERE username = '{$username}'";
>
> Variable mismatch.

So what do I need to change, I am confused.

Drumlegend (Author) Posted February 12, 2013

I see the mistake I made now, thank you. Needed to change $user to $username.

jazzman1 Posted February 12, 2013

> So what do I need to change, I am confused.

```php
// Again, never trust user input!
$user = $sql->real_escape_string($_POST['username']);

$query = "SELECT id, password, username, UNIX_TIMESTAMP(created) AS salt
          FROM users
          WHERE username = '{$user}'";
```
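
An added example, not part of any post in this thread: the same lookup with a bound parameter, so there is no separately escaped variable whose name can drift from the one in the SQL string, plus an error handler that turns the "undefined variable" notice into an exception. It assumes PDO with an in-memory SQLite database in place of the thread's MySQL connection and PHP's built-in `password_hash()`/`password_verify()` in place of `PasswordHash.php`; `find_user()` and `login()` are hypothetical names.

```php
<?php
// Added example. Assumptions: in-memory SQLite via PDO stands in for MySQL,
// password_hash()/password_verify() stand in for PasswordHash.php.
declare(strict_types=1);

// Promote notices/warnings (such as "Undefined variable") to exceptions so a
// mismatched variable name stops the request instead of querying for ''.
set_error_handler(function (int $no, string $msg, string $file, int $line): bool {
    throw new ErrorException($msg, 0, $no, $file, $line);
});

function find_user(PDO $db, string $username): ?array
{
    // The value is bound, not interpolated: no escaped copy exists whose
    // name could differ from the name used inside the query text.
    $stmt = $db->prepare('SELECT id, username, password FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function login(PDO $db, string $username, string $password): ?int
{
    $user = find_user($db, $username);
    // password_verify() returns a boolean; use it directly as the condition.
    if ($user !== null && password_verify($password, $user['password'])) {
        return (int) $user['id'];
    }
    return null; // same result for an unknown user and a wrong password
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password TEXT)');
$db->prepare('INSERT INTO users (username, password) VALUES (?, ?)')
   ->execute(['alice', password_hash('correct horse 1!', PASSWORD_DEFAULT)]);

var_dump(login($db, 'alice', 'correct horse 1!'), login($db, 'alice', 'wrong'), login($db, 'nobody', 'x'));

// The thread's bug, reproduced: the value is stored in $user but the query
// string reads $username. With the handler above this throws.
try {
    $user  = 'alice';
    $query = "SELECT id FROM users WHERE username = '{$username}'";
} catch (ErrorException $e) {
    echo 'caught: ', $e->getMessage(), PHP_EOL;
}
```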
This topic is now archived and is closed to further replies.