Problem choosing rank


Tom10
Solved by Psycho

I am trying to get my account to redirect to admin.php, but it's not working; it just goes to user.php.

 

Here is my code:

<?php

@ini_set('display_errors', 1);
@error_reporting(1);
@ini_set('allow_url_include', Off);
@set_time_limit(0);

session_start();

require 'connect.php';

if($_SERVER['REQUEST_METHOD'] == "POST")
{
    
    if(!isset($_POST['token']))
    {
        
        die("Possible Attack!");
        
    }
    
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    $username = htmlspecialchars($username);
    $username = htmlentities($username);
    $username = strip_tags($username);
    
    if(preg_match("#[^\w]#", $username))
    {
     
        die("Your username must be numbers or letters only!");
        
    }
    
    $hash = hash('ripemd320', $password);
    
    if(empty($username) || empty($password))
    {
     
        die("Please enter both your username and password!");
        
    }
    
    $sql = "SELECT username, password, rank FROM users WHERE BINARY username = :username AND BINARY password = :password";
    
    $stmt = $handler->prepare($sql);
    $stmt->bindParam(':username', $username, PDO::PARAM_STR, 12);
    $stmt->bindParam(':password', $hash, PDO::PARAM_STR, 12);
    $stmt->execute();
    $row = $stmt->fetchAll();
   
    if($stmt->rowCount())
    {
     
        if($row['rank'] == 1)
        {
         
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;admin.php">';
            
        }
        
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;user.php">';
        
    } else {
     
        die("Username or Password is incorrect!");
        
    }
    
}

?>

I appreciate any help at all :)

 


Not sure but there is one thing that should change.

 

The following should change:

..
..

$stmt->execute();
$row = $stmt->fetchAll();
if($stmt->rowCount())
{
if($row['rank'] == 1)
..
..

 

to this:

 

$stmt->execute();
if($stmt->rowCount())
{
$row = $stmt->fetch();
if($row['rank'] == 1)
..
..

 

Note the use of rowcount to determine what to do next and also the use of 'fetch' instead of fetchall. Fetchall will produce an array of rows whereas you only want one row of data to work with here (and should have only one row).

 

If all you want to do is to exit this script and go somewhere else, why the meta echo? Just call header("Location: $url") to go where you want.


  • Solution

There are other problems as well, such as this

 

   $username = htmlspecialchars($username);
    $username = htmlentities($username);
    $username = strip_tags($username);

 

What is it you are trying to accomplish with this? htmlentities and htmlspecialchars do almost identical things. You would only need to use one or the other - but there's no reason to use either in this situation anyways. Plus, once either of those functions are run, strip_tags() would be useless. What prompted you to put all three of those like that?

 

Then there's this

 

   if(preg_match("#[^\w]#", $username))
    {
        die("Your username must be numbers or letters only!");   
    }

 

This is a login script. You should state nothing about whether the username/password meets any specific criteria. That is only done where the user creates those values. This provides information to a potential malicious user regarding values they can exclude in their attempts to infiltrate your application.

 

The code is a mess.

 

As to the problem you asked about, the problem is how you structure it:

 

       if($row['rank'] == 1)
        {
         
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;admin.php">';
            
        }
        
            $_SESSION['loggedIn'] = 1;
            $_SESSION['username'] = $username;
            $_SESSION['rank'] = $row['rank'];
            
            echo '<meta http-equiv="refresh" content="0;user.php">';

 

If the user is an admin, it echoes

 

<meta http-equiv="refresh" content="0;admin.php">

 

But, then it will also echo

 

<meta http-equiv="refresh" content="0;user.php">

because you didn't put that second block within an else condition. So, there are TWO meta refresh tags created on the page for an admin.

Hi, I just changed the code and it still does the same thing, but the reason I used meta echo is in case a browser has headers disabled.
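
The points raised in this thread (fetch() for a single row, one either/or choice of redirect target, and the same failure message whatever was wrong with the input), as an added example that is not code from any poster. It assumes a constructed in-memory SQLite table instead of connect.php, a hypothetical loginTarget() helper that takes the session as an array parameter, and passwords stored with password_hash() in place of the posted ripemd320 comparison.

```php
<?php
declare(strict_types=1);

// Returns the page to redirect to, or null when the login fails.
// $session stands in for $_SESSION so the function can run from the CLI.
function loginTarget(PDO $db, array &$session, string $username, string $password): ?string
{
    $stmt = $db->prepare('SELECT username, password, "rank" FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);

    // fetch() gives one row (or false); fetchAll() would give a list of rows,
    // so $row['rank'] would never be set and the admin test could not pass.
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Assumption: the password column holds password_hash() output. This replaces
    // the posted hash('ripemd320', ...) match inside the WHERE clause.
    if ($row === false || !password_verify($password, $row['password'])) {
        return null; // unknown user and wrong password are reported identically
    }

    $session['loggedIn'] = 1;
    $session['username'] = $row['username'];
    $session['rank']     = (int) $row['rank'];

    // One expression, one result: an admin can no longer get both targets.
    return $session['rank'] === 1 ? 'admin.php' : 'user.php';
}

// Constructed sample data in an in-memory SQLite database (not connect.php).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, "rank" INTEGER)');
$add = $db->prepare('INSERT INTO users VALUES (?, ?, ?)');
$add->execute(['alice', password_hash('admin-pass', PASSWORD_DEFAULT), 1]);
$add->execute(['bob', password_hash('user-pass', PASSWORD_DEFAULT), 0]);

$attempts = [['alice', 'admin-pass'], ['bob', 'user-pass'], ['bob', 'wrong'], ['<b>x</b>', 'x']];
foreach ($attempts as [$user, $pass]) {
    $session = [];
    $target = loginTarget($db, $session, $user, $pass);
    // In the web script: if ($target !== null) { header("Location: $target"); exit; }
    // and otherwise print the single generic message used below.
    echo str_pad($user, 10), ' => ', $target ?? 'Username or Password is incorrect!', PHP_EOL;
}
```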
