Gath Posted April 13, 2007 Share Posted April 13, 2007 Greetings. Havent touched PHP in about 3 years now, and the need came to code again, so i'm not very secure of all the stuff i'm doing, since i feel i forgot most of what i knew Anyway, this is the login code for my future site. Just want to see if anyone could find any failure, security breaches, better ways to do things... or whatever. Anything would be helpfull. (this is the correct forum for this, right?) The vars come from a normal html form from main index page. "login.html.php" is a stripped version of that page, with the form only, oposed to having a Logo, images, and whatnot. <?PHP if(!empty($_POST['username']) AND !empty($_POST['password'])) { if( !eregi( "^[a-zA-Z0-9]{4,14}$", $_POST['username']) OR !eregi( "^[a-zA-Z0-9]{4,14}$", $_POST['password']) ) { $error = 'Invalid Username and/or Password!'; require ("login.html.php"); exit; }; require ("includes/dbconnect.php"); $username = $_POST['username']; $password = $_POST['password']; $db = mysql_query("SELECT user_id FROM user WHERE username=\"$username\" AND password=\"$password\" LIMIT 1") OR die ("Error!"); $count = mysql_num_rows($db); if($count == 1) { list($db) = mysql_fetch_row($db); setcookie("OGNBuser_id", $db, time() +5400); setcookie("OGNBusername", $username, time() +5400); setcookie("OGNBpassword", $password, time() +5400); echo '<html><head><meta http-equiv="refresh" content="0; url=news.php"></head></html>'; exit; } else { $error = 'Login failed!'; require ("login.html.php"); }; } else { $error = ''; require ("login.html.php"); }; ?> Quote Link to comment https://forums.phpfreaks.com/topic/46935-comment-my-login-code/ Share on other sites More sharing options...
MadTechie Posted April 13, 2007 Share Posted April 13, 2007 <?php $username = $_POST['username']; $password = $_POST['password']; $db = mysql_query("SELECT user_id FROM user WHERE username=\"$username\" AND password=\"$password\" LIMIT 1") OR die ("Error!"); ?> SQL injection try password and username as alphanumeric <?php $username = preg_replace("/[^a-zA-Z0-9]/", "", $_POST['username']); $password = preg_replace("/[^a-zA-Z0-9]/", "", $_POST['password ']); ?> Cookies can be spoofed try sessions or a DB session (use Salt+HASH) Quote Link to comment https://forums.phpfreaks.com/topic/46935-comment-my-login-code/#findComment-228910 Share on other sites More sharing options...
Gath Posted April 14, 2007 Author Share Posted April 14, 2007 Ok, thanks. Hmm, yeah, sessions. Dont remember mutch. Only that i hated them Quote Link to comment https://forums.phpfreaks.com/topic/46935-comment-my-login-code/#findComment-228991 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.