raydona
Posted October 31, 2014 (edited)

Hi, I asked a question about Tokens earlier. After debugging I've found the reason as to why my program isn't working. It's related to this statement:

```php
if($token == $_SESSION['token'])
{
    ........;
    return true;
}
```

$token is generated in form using md5(uniqid()). When I echo both $token and $_SESSION['token'] before the if statement they both turn out to be the same. Yet for some reason the if statement is not being satisfied and is not returning true as it's supposed to do. (I've tried $token === $_SESSION['token'] as well.) I don't know if some kind of type casting or other is required for the conditional statement to work. Would be grateful for any suggestions.

Edited October 31, 2014 by mac_gyver: removed links from copied text

mac_gyver
Posted October 31, 2014

use var_dump() on both values to help see if they contain any white-space/non-printing characters.

raydona
Posted October 31, 2014

Hello,

Many thanks for the reply. I used var_dump() on both values and the following is obtained:

```
string 'be33cfc1f0eed02e8176d7281975b05e' (length=41)
string 'be33cfc1f0eed02e8176d7281975b05e' (length=32)
```

If there are any extra white-space/non-printing characters I don't know how to locate and remove them. I've used trim() but it's not solving the problem. Could you please suggest a solution?

mac_gyver
Posted October 31, 2014

the correct length is 32, which the second one has. the first one has some extra non-printing characters in it somewhere.

what does the 'view source' in the browser of the var_dump() output show?

what's the code that's responsible for setting the $token variable and if it is coming from a form, what is the code producing the form field it's being passed in?

Barand
Posted November 1, 2014 (edited)

There seem to be 9 chars before the first "b" with these hex codes

```
0 - 0xEF
1 - 0xBB
2 - 0xBF
3 - 0xEF
4 - 0xBB
5 - 0xBF
6 - 0xEF
7 - 0xBB
8 - 0xBF
```

```php
// copy/pasted first string
$str = "be33cfc1f0eed02e8176d7281975b05e";
$k = strlen($str);
echo '<pre>';
for ($i=0; $i<$k; $i++) {
    printf('%2d 0x%2s %1s<br>', $i, dechex(ord($str[$i])), $str[$i]);
}
```

Edited November 1, 2014 by Barand

Barand
Posted November 1, 2014

Alternatively

```php
$str = "be33cfc1f0eed02e8176d7281975b05e";
$k = strlen($str);
$x = unpack('c*', $str);
echo '<pre>';
for ($i=1; $i<$k+1; $i++) {
    printf('| %2d | %02X | %1c |<br>', $i, $x[$i], $x[$i]);
}
echo '</pre>';
```

Giving

```
| 1 | FFFFFFEF | ï |
| 2 | FFFFFFBB | » |
| 3 | FFFFFFBF | ¿ |
| 4 | FFFFFFEF | ï |
| 5 | FFFFFFBB | » |
| 6 | FFFFFFBF | ¿ |
| 7 | FFFFFFEF | ï |
| 8 | FFFFFFBB | » |
| 9 | FFFFFFBF | ¿ |
| 10 | 62 | b |
| 11 | 65 | e |
| 12 | 33 | 3 |
| 13 | 33 | 3 |
| 14 | 63 | c |
| 15 | 66 | f |
| 16 | 63 | c |
| 17 | 31 | 1 |
| 18 | 66 | f |
| 19 | 30 | 0 |
| 20 | 65 | e |
| 21 | 65 | e |
| 22 | 64 | d |
| 23 | 30 | 0 |
| 24 | 32 | 2 |
| 25 | 65 | e |
| 26 | 38 | 8 |
| 27 | 31 | 1 |
| 28 | 37 | 7 |
| 29 | 36 | 6 |
| 30 | 64 | d |
| 31 | 37 | 7 |
| 32 | 32 | 2 |
| 33 | 38 | 8 |
| 34 | 31 | 1 |
| 35 | 39 | 9 |
| 36 | 37 | 7 |
| 37 | 35 | 5 |
| 38 | 62 | b |
| 39 | 30 | 0 |
| 40 | 35 | 5 |
| 41 | 65 | e |
```

raydona
Posted November 3, 2014

Hi, I have included the following code that is relevant to the problem described above:

```php
<?php
class Token
{
    public static function generate()
    {
        return Session::put('token', md5(uniqid()));
    }

    public static function check($token)
    {
        $tokenName = 'token';
        if(Session::exists($tokenName) && $token === Session::get($tokenName))
        {
            Session::delete($tokenName);
            return true;
        }
        return false;
    }
}
///////////////////////////////////////////////////////////////
class Session
{
    public static function exists($name)
    {
        return (isset($_SESSION[$name])) ? true : false;
    }

    public static function put($name, $value)
    {
        return $_SESSION[$name] = $value;
    }

    public static function get($name)
    {
        return $_SESSION[$name];
    }

    public static function delete($name)
    {
        if(self::exists($name))
        {
            unset($_SESSION[$name]);
        }
    }
}
///////////////////////////////////////////////////////////////
class Input
{
    public static function get($item)
    {
        if(isset($_POST[$item]))
        {
            return $_POST[$item];
        }
        return '';
    }
}
//////////////////////////////////////////////////////////////
if(isset($_POST['username']) && isset($_POST['password']))
{
    if(Token::check(Input::get('token')))
    {
        $validate = new Validate();
        $validation = ................;
        if($validation->passed())
        {
            $user = new User();
            $login = $user->login(Input::get('username'), Input::get('password'));
            if($login)
            {
                echo 'Success';
                Redirect::to('index.php');
            }
            else
            {
                echo 'Sorry, login failed!';
            }
        } //validation passed
        else
        {
            foreach($validation->errors() as $error)
            {
                echo $error, '<br>';
            }
            echo "<script> setTimeout(\"location.href = 'index.php';\",30000); </script>";
        }
    }
}
?>
<form action="" method="POST">
  <P>
    <label for="username">Username</label>
    <input type="text" name="username" id="username" autocomplete="off">
  </P>
  <P>
    <label for="password">Password</label>
    <input type="password" name="password" id="password" autocomplete="off">
  </P>
  <P>
    <input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
    <input type="submit" value="LOG IN">
  </P>
</form>
```

This is what 'view source' in the browser of the var_dump() output shows:

```html
<pre class='xdebug-var-dump' dir='ltr'><small>string</small> <font color='#cc0000'>'e62862d9f9ce6cd41fc7873c53683108'</font> <i>(length=41)</i>
</pre><br><pre class='xdebug-var-dump' dir='ltr'><small>string</small> <font color='#cc0000'>'e62862d9f9ce6cd41fc7873c53683108'</font> <i>(length=32)</i>
</pre><br>
<form action="" method="POST">
  <P>
    <label for="username">Username</label>
    <input type="text" name="username" id="username" autocomplete="off">
  </P>
  <P>
    <label for="password">Password</label>
    <input type="password" name="password" id="password" autocomplete="off">
  </P>
  <P>
    <input type="hidden" name="token" value="695d40eec4673a3b8a36493c67cdfbd4">
    <input type="submit" value="LOG IN">
  </P>
</form>
```

mac_gyver
Posted November 3, 2014

the characters being added are BOM (Byte Order Mark) characters, times 3.

your posted php code/html don't appear to have them in it, though the process of editing/copy/pasting for the post could have removed the characters. i have never seen a case where a browser added BOM characters to form data values, so it's most likely that your php code/html has them in it, probably due to copy/pasting code from somewhere it was published at with BOM characters as part of it.

the code you didn't post was -
what's the code that's responsible for setting the $token variable

what code do you have that does anything with $_POST['token'] through to the point where $token gets set?

you can narrow down the problem further by using var_dump($_POST) at the start of your processing code; to see if the characters are coming in with the post data or if they are being added by the processing code.

raydona
Posted November 4, 2014

Hi, The code for setting the $token variable is:

```php
public static function generate()
{
    return Session::put('token', md5(uniqid()));
}
```

which is basically md5(uniqid()). Immediately after form is submitted I get:

```
string '9a0453403ae941b6ae5744882dce0f08' (length=41)
```

which suggests non-printing characters are inserted when $token is created.

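One way to locate the BOM bytes discussed in this thread, as an added example that is not code from any of the posters: it counts the UTF-8 BOM sequences (EF BB BF) in front of a token and scans a project's .php files for BOM bytes. The function names and the directory argument are hypothetical, and the sample token is constructed from the value quoted in the thread.

```php
<?php
// Added example; function names are hypothetical, not from the thread.
const UTF8_BOM = "\xEF\xBB\xBF";

// Split a value into the number of leading BOMs and the remaining bytes.
function splitLeadingBoms(string $value): array
{
    $count = 0;
    while (strncmp($value, UTF8_BOM, 3) === 0) {
        $value = substr($value, 3);
        $count++;
    }
    return [$count, $value];
}

// Return the byte offsets of every BOM in each .php file under $dir.
// A BOM at offset 0 sits in front of the opening tag and is sent as output.
function findBomsInSource(string $dir): array
{
    $hits = [];
    $files = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($files as $file) {
        if (!$file->isFile() || strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        $bytes = file_get_contents($file->getPathname());
        if ($bytes === false) { continue; } // unreadable file
        $offsets = [];
        for ($pos = 0; ($pos = strpos($bytes, UTF8_BOM, $pos)) !== false; $pos += 3) {
            $offsets[] = $pos;
        }
        if ($offsets) {
            $hits[$file->getPathname()] = $offsets;
        }
    }
    return $hits;
}

// Constructed sample: the thread's token with three BOMs in front (41 bytes).
$posted = str_repeat(UTF8_BOM, 3) . 'be33cfc1f0eed02e8176d7281975b05e';
[$boms, $clean] = splitLeadingBoms($posted);
printf("length=%d, leading BOMs=%d, cleaned length=%d\n", strlen($posted), $boms, strlen($clean));

// Scan the directory given on the command line (defaults to the current one).
foreach (findBomsInSource($argv[1] ?? '.') as $path => $offsets) {
    printf("%s: BOM at byte offset(s) %s\n", $path, implode(', ', $offsets));
}
```

Any file the scan reports can be re-saved as UTF-8 without BOM in the editor, which removes the stray bytes at the source instead of stripping them from the submitted token.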