SyncViews Posted December 8, 2007

How secure is this? Is it easy for someone to hack and if so what can I do to make it more secure?

```php
<?php
session_start();
$message = '';
include('./globals.php');
$con = mysql_connect($data_host, $data_user, $data_pass);
mysql_select_db($data_base, $con);

if (isset($_POST['logout'])) {
    unset($_SESSION['ID']);
    session_destroy();
}

if (isset($_SESSION['ID'])) {
    $user_id   = $_SESSION['ID'];
    $user_name = $_SESSION['Name'];
    $user_pass = $_SESSION['Pass'];
    $result = mysql_query("SELECT Name, Password FROM admins WHERE ID='$user_id'");
    $data   = mysql_fetch_array($result);
    if ($user_name != $data['Name'] || $user_pass != $data['Password']) {
        session_destroy();
        exit('Invalid Session:');
    }
} else {
    $user_name = $_POST['user_name'];
    $user_pass = $_POST['user_pass'];
    $result = mysql_query("SELECT Password, ID FROM admins WHERE Name='$user_name'");
    $data   = mysql_fetch_array($result);
    if ($data['Password'] == $user_pass) {
        $_SESSION['ID']   = $data['ID'];
        $_SESSION['Name'] = $user_name;
        $_SESSION['Pass'] = $user_pass;
    } else {
        $message .= 'Password and username do not match data base!';
        session_destroy();
    }
}
?>
```

Then some other stuff on the page...

```php
if (isset($_SESSION['ID'])) {
    //Log out
    echo '<div>You are logged in as ' . $user_name . '</div>'
       . '<form action="./admin.php" method="post">'
       . '<input type="hidden" name="logout" value="1">'
       . '<input type="submit" value="Log Out">'
       . '</form>';
    // Bunch of admin stuff
} else {
    echo '<div>To access this page you must be logged in!</div>'
       . '<form action="admin.php" method="post">'
       . ' UserName: <input type="text" name="user_name"><br>'
       . ' Password: <input type="password" name="user_pass"><br>'
       . ' <input type="submit" value="Submit">'
       . '</form>';
}
```
rarebit Posted December 8, 2007

- you should probably hash the password, even salt it.
- not sure but are you passing / storing the password every time, if so, just check password once and then use a session id of some sort
- not that it's strictly relevant to this q, but you want some kind of error checking on your sql comm's
jacksonmj Posted December 8, 2007

You need to protect against SQL injection techniques, and storing passwords as plain text is never a good idea (as noted by rarebit, you should really be salting and hashing them).
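The two fixes jacksonmj and rarebit are asking for, shown together as an added example; this is not code from the thread. It rewrites the admin lookup from the first post with a prepared statement (the user-supplied name is bound as a parameter, so it can never be parsed as SQL) and replaces the plain-text password compare with password_hash()/password_verify(). It assumes PHP 5.5 or later with the PDO mysql driver, the same $data_host/$data_base/$data_user/$data_pass values from globals.php, and that the admins.Password column now holds password_hash() output instead of plain text.

```php
<?php
// Added example, not the original poster's code. Assumes PHP >= 5.5,
// PDO with the mysql driver, and an `admins` table (ID, Name, Password)
// whose Password column stores password_hash() results.
declare(strict_types=1);

function connect_db(string $host, string $db, string $user, string $pass): PDO
{
    $dsn = "mysql:host=$host;dbname=$db;charset=utf8mb4";
    return new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // SQL errors throw instead of returning false silently
        PDO::ATTR_EMULATE_PREPARES => false,                  // real server-side prepared statements
    ]);
}

// Look up one admin by name. The name is bound as a parameter, so a value
// such as  ' OR '1'='1  is compared as a literal string, never run as SQL.
function find_admin(PDO $db, string $name): ?array
{
    $stmt = $db->prepare('SELECT ID, Name, Password FROM admins WHERE Name = :name');
    $stmt->execute([':name' => $name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Create an admin, storing only a salted hash. password_hash() generates the
// salt itself and embeds it in the returned string (bcrypt by default).
function create_admin(PDO $db, string $name, string $password): void
{
    $stmt = $db->prepare('INSERT INTO admins (Name, Password) VALUES (:name, :hash)');
    $stmt->execute([
        ':name' => $name,
        ':hash' => password_hash($password, PASSWORD_DEFAULT),
    ]);
}

// Returns the admin ID on success, null on failure. password_verify() does a
// constant-time compare against the stored hash; the plain-text password is
// never sent to or stored in the database.
function authenticate(PDO $db, string $name, string $password): ?int
{
    $admin = find_admin($db, $name);
    if ($admin === null || !password_verify($password, $admin['Password'])) {
        return null;
    }
    // Transparently upgrade hashes made with an older cost/algorithm.
    if (password_needs_rehash($admin['Password'], PASSWORD_DEFAULT)) {
        $upd = $db->prepare('UPDATE admins SET Password = :hash WHERE ID = :id');
        $upd->execute([
            ':hash' => password_hash($password, PASSWORD_DEFAULT),
            ':id'   => $admin['ID'],
        ]);
    }
    return (int) $admin['ID'];
}

// Usage in admin.php (credentials come from globals.php as in the original):
// $db = connect_db($data_host, $data_base, $data_user, $data_pass);
// $id = authenticate($db, $_POST['user_name'] ?? '', $_POST['user_pass'] ?? '');
// if ($id === null) { $message .= 'Password and username do not match data base!'; }
```

With ERRMODE_EXCEPTION a failed query throws, which is the "error checking on your sql comm's" rarebit mentions; the original code would instead pass a false $result into mysql_fetch_array() and compare against null.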
SyncViews Posted December 9, 2007 (Author)

> - you should probably hash the password, even salt it.
> - not sure but are you passing / storing the password every time, if so, just check password once and then use a session id of some sort
> - not that it's strictly relevant to this q, but you want some kind of error checking on your sql comm's

1) K done that now.
2) If I presume the $_SESSION has the correct ID/username/password can't people fake the session and pick any id they please?
3) Done.
jacksonmj Posted December 11, 2007

See http://www.php.net/session

Especially the section on session security and some of the comments at the bottom of the page.
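On the session question from the previous post, as an added example (not code from the thread or the linked manual page): $_SESSION data is stored server-side, and the browser only holds the session ID cookie, so a client cannot "pick any id they please" by editing $_SESSION. What a client can do is present a guessed, leaked or pre-planted session ID, so the practical defences are to rotate the ID on login and logout, reject IDs the server never issued, restrict where the cookie is sent, and keep the password out of the session entirely (the original stores $_SESSION['Pass'] and re-checks it on every request, which is unnecessary once the ID is trusted). This assumes PHP 7.3 or later (array form of session_set_cookie_params with 'samesite') and an authenticate() callable that returns an admin ID or null, as in the previous example.

```php
<?php
// Added example, not from the thread. Assumes PHP >= 7.3 and a caller-supplied
// authenticator: function (string $name, string $pass): ?int.
declare(strict_types=1);

function start_secure_session(bool $https): void
{
    session_set_cookie_params([
        'lifetime' => 0,        // cookie expires when the browser closes
        'path'     => '/',
        'secure'   => $https,   // only sent over HTTPS when the site has it
        'httponly' => true,     // not readable from page scripts
        'samesite' => 'Lax',    // not sent on cross-site POST requests
    ]);
    ini_set('session.use_strict_mode', '1'); // reject session IDs the server did not issue
    session_start();
}

function login_session(int $admin_id, string $admin_name): void
{
    // New ID on privilege change: whatever ID the client had before login
    // (including one an attacker may have planted) is discarded.
    session_regenerate_id(true);
    $_SESSION['ID']      = $admin_id;
    $_SESSION['Name']    = $admin_name;
    $_SESSION['LoginAt'] = time();
    // Deliberately no $_SESSION['Pass']: the server-side ID is the proof of login.
}

function logout_session(): void
{
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        // Expire the cookie so the old ID is not re-sent and re-created.
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

// Per-request check: which admin, if any, is logged in. Reads only the
// server-side session; no password is re-verified here.
function current_admin_id(int $max_age = 3600): ?int
{
    if (!isset($_SESSION['ID'], $_SESSION['LoginAt'])) {
        return null;
    }
    if (time() - (int) $_SESSION['LoginAt'] > $max_age) {
        logout_session();   // stale login: force re-authentication
        return null;
    }
    return (int) $_SESSION['ID'];
}

// Request flow for admin.php; returns an error message for the page or null.
function handle_admin_request(callable $authenticate): ?string
{
    start_secure_session(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');

    if (isset($_POST['logout'])) {
        logout_session();
        return null;
    }
    if (current_admin_id() === null && isset($_POST['user_name'], $_POST['user_pass'])) {
        $id = $authenticate((string) $_POST['user_name'], (string) $_POST['user_pass']);
        if ($id === null) {
            return 'Password and username do not match data base!';
        }
        login_session($id, (string) $_POST['user_name']);
    }
    return null;
}

// Usage, with $db and authenticate() from the earlier example:
// $message = handle_admin_request(fn(string $n, string $p) => authenticate($db, $n, $p));
// if (current_admin_id() !== null) { /* admin stuff */ } else { /* login form */ }
```

The 'secure' flag is derived from the request rather than hard-coded so the example still works on a plain-HTTP development host; on a production site it should simply be true.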