Jump to content

Problem choosing rank


Go to solution Solved by Psycho,

Recommended Posts

I am trying to get my account to redirect to admin.php but it's not working it just goes to user.php.

 

here is my code

<?php

@ini_set('display_errors', 1);
@error_reporting(1);
@ini_set('allow_url_include', Off);
@set_time_limit(0);

session_start();

require 'connect.php';

if($_SERVER['REQUEST_METHOD'] == "POST")
{
    
    if(!isset($_POST['token']))
    {
        
        die("Possible Attack!");
        
    }
    
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    $username = htmlspecialchars($username);
    $username = htmlentities($username);
    $username = strip_tags($username);
    
    if(preg_match("#[^\w]#", $username))
    {
     
        die("Your username must be numbers or letters only!");
        
    }
    
    $hash = hash('ripemd320', $password);
    
    if(empty($username) || empty($password))
    {
     
        die("Please enter both your username and password!");
        
    }
    
    $sql = "SELECT username, password, rank FROM users WHERE BINARY username = :username AND BINARY password = :password";
    
    $stmt = $handler->prepare($sql);
    $stmt->bindParam(':username', $username, PDO::PARAM_STR, 12);
    $stmt->bindParam(':password', $hash, PDO::PARAM_STR, 12);
    $stmt->execute();
    $row = $stmt->fetchAll();
   
    if($stmt->rowCount())
    {
     
        if($row['rank'] == 1)
        {
         
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;admin.php">';
            
        }
        
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;user.php">';
        
    } else {
     
        die("Username or Password is incorrect!");
        
    }
    
}

?>

I appreciate any help at all :)

 

Link to comment
https://forums.phpfreaks.com/topic/296322-problem-choosing-rank/
Share on other sites

Not sure but there is one thing that should change.

 

The following should change:

..
..

$stmt->execute();
$row = $stmt->fetchAll();
if($stmt->rowCount())
{
if($row['rank'] == 1)
..
..

 

to this:

 

$stmt->execute();
if($stmt->rowCount())
{
$row = $stmt->fetch();
if($row['rank'] == 1)
..
..

 

Note the use of rowcount to determine what to do next and also the use of 'fetch' instead of fetchall. Fetchall will produce an array of rows whereas you only want one row of data to work with here (and should have only one row).

 

If all you want to do is to exit this script and go somewhere else, why the meta echo? Just call header("Location: $url") to go where you want.

  • Solution

There are other problems as well, such as this

 

   $username = htmlspecialchars($username);
    $username = htmlentities($username);
    $username = strip_tags($username);

 

What is it you are trying too accomplish with this? htmlentities and htmlspecialchars do almost identical things. You would only need to use one or the other - but there's no reason to use either in this situation anyways. Plus, once either of those functions are run, strip_tags() would be useless. What prompted you to put all three of those like that?

 

Then there's this

 

   if(preg_match("#[^\w]#", $username))
    {
        die("Your username must be numbers or letters only!");   
    }

 

This is a login script. You should state nothing about whether the username/password meets any specific criteria. That is only done where the user creates those values. This provides information to a potential malicious user regarding values they can exclude in their attempts to infiltrate your application.

 

The code is a mess.

 

As to the problem you asked about, the problem is how you structure it:

 

       if($row['rank'] == 1)
        {
         
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;admin.php">';
            
        }
        
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;user.php">';

 

If the user is an admin, it echos

 

<meta http-equiv="refresh" content="0;admin.php">

 

But, then it will also echo

 

<meta http-equiv="refresh" content="0;user.php">

because you didn't put that second block within an else condition. So, there are TWO meta refresh tags created on the page for an admin.

Not sure but there is one thing that should change.

 

The following should change:

..
..

$stmt->execute();
$row = $stmt->fetchAll();
if($stmt->rowCount())
{
if($row['rank'] == 1)
..
..

 

to this:

 

$stmt->execute();
if($stmt->rowCount())
{
$row = $stmt->fetch();
if($row['rank'] == 1)
..
..

 

Note the use of rowcount to determine what to do next and also the use of 'fetch' instead of fetchall. Fetchall will produce an array of rows whereas you only want one row of data to work with here (and should have only one row).

 

If all you want to do is to exit this script and go somewhere else, why the meta echo? Just call header("Location: $url") to go where you want.

 

Hi i just changed the code and it still does the same thing, but the reason i used meta echo is incase a browser has headers disabled.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.