notepad, Posted March 27, 2007

Hi, I am thinking of integrating this PHP login script: http://www.phpeasystep.com/phptu/6.html. I am still learning PHP, so I am not really sure if this script is secure. I will do a couple of things to it, like md5 the passwords and use preg_replace to strip out non-alphanumeric characters. But I don't really know how 'secure' the sessions are. I know there are certain ways to get around those if you don't code your script right... So I was hoping I could get some of your thoughts on the code.

The protection for the pages is this:

    <?php
    session_start();
    // session_is_registered() takes the session variable name as a string;
    // exit after the redirect, otherwise the protected page is still sent.
    if (!session_is_registered('myusername')) {
        header("Location: main_login.php");
        exit;
    }
    ?>

One other thing is that I only need one user. So, should I change the SQL query to this?

    CREATE TABLE `members` (
      `id` int(4) NOT NULL,
      `username` varchar(65) NOT NULL default '',
      `password` varchar(65) NOT NULL default '',
      PRIMARY KEY (`id`)
    ) TYPE=MyISAM;

Thanks, Brandon
notepad (author), Posted March 28, 2007

Over 60 views and not 1 comment?
dsaba, Posted March 28, 2007

Do research and read about session sniffing and session security. As long as you're not storing passwords inside sessions you should be fine. Some people don't use sessions at all and simulate sessions with a table in a DB, but that's another mess altogether.

As far as md5 and proper password encrypting, do research on salting md5 passwords, and read the comments in the php.net manual.

Think about "what makes a login system secure". Once you can answer that question, then you can find out things and do research on the insecure aspects of a user authentication system. The ones I listed were just a couple I thought of when it comes to user authentication security.
notepad (author), Posted March 28, 2007

Hey dsaba, thanks for your tips. I will do some research on the things you mentioned. You also posed a very good question: "what makes a login system secure". And, to be honest, I can't answer it -- Yet. But I will be doing a lot of research, so I can answer it. =)
youneek, Posted April 15, 2007

From what I can tell, it looks like anyone could just add a cookie to their browser with the right username and get past your script. If you have an account called admin, guest, etc. then it would probably be pretty easy to get around. It's usually safest if you have PHP do md5 encryption, store the encrypted password in a database, then check the cookie against the encrypted password. If you want to get real dirty you can have it use the time added to the end of the encrypted password to really throw off someone's cracking tool. Unless you have a site with important information like credit card numbers etc., then just basic md5 encryption is probably all you need. Just make sure you are not passing the "plain text" version of the password into the cookie, or you could also help hackers get into any other website that person goes to. Many people use the same password for all their sites like banks etc.
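A hardened version of the page check and login step for the `members` table from the first post, added here as an example and not taken from the phpeasystep tutorial or any post above. It assumes PHP 7.1 or later (password_hash, password_verify, typed returns) and a PDO connection passed in as $pdo (a hypothetical variable); only the user's id is kept server-side in $_SESSION, so a forged cookie carrying a username, the concern raised in the post above, gains nothing, and a prepared statement replaces stripping characters with preg_replace.

```php
<?php
// Added example, not the tutorial's code. Assumes PHP >= 7.1 and a PDO
// connection in $pdo (hypothetical). The session id is the only secret the
// client holds; the logged-in user's id lives server-side in $_SESSION.

function startSession(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Put this at the top of every protected page instead of session_is_registered().
function requireLogin(): void
{
    startSession();
    if (empty($_SESSION['user_id'])) {
        header('Location: main_login.php');
        exit; // without exit, the protected page is still rendered after the redirect
    }
}

// Verify credentials and open the session. The `password` column must hold a
// password_hash() value (widen it to varchar(255) to fit the hash).
function login(PDO $pdo, string $username, string $password): bool
{
    startSession();
    // A prepared statement keeps the input out of the SQL text, so there is
    // no need to strip characters with preg_replace.
    $stmt = $pdo->prepare('SELECT id, password FROM members WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // password_verify() checks against the per-user salted hash in constant time.
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }

    // Issue a fresh session id on login so a pre-set (fixated) id is discarded.
    session_regenerate_id(true);
    $_SESSION['user_id'] = (int) $row['id'];
    return true;
}

// Creating the single account: store the hash, never md5 or the plain text.
function createUser(PDO $pdo, string $username, string $password): void
{
    $stmt = $pdo->prepare('INSERT INTO members (id, username, password) VALUES (1, ?, ?)');
    $stmt->execute([$username, password_hash($password, PASSWORD_DEFAULT)]);
}
```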