vicodin Posted January 19, 2008

Hello, I'm new to PHP and pretty much just a beginner programmer... I have created this script to protect some pages on my site. I know there are def a ton of security flaws, but am I missing anything huge that even a moderate hacker could exploit? I do have it where it takes out any type of script and HTML from the user-entered data. The pages I'm trying to protect check whether session['user'] is set, and if it's not, they redirect back to the main page. Any type of feedback would be much appreciated. Thanks!

```php
function checkauth($userid, $passid) {
    mysql_connect("*****", "******", "*******") or die(mysql_error());
    mysql_select_db("********") or die(mysql_error());

    // Fetch every row of the table and compare each one in PHP
    $query = "SELECT * FROM *****";
    $result = mysql_query($query) or die(mysql_error());

    while ($row = mysql_fetch_array($result)) {
        if ($row['user'] == $userid && $row['password'] == $passid) {
            $_SESSION['user'] = $userid;
        }
    }
}

checkauth($_POST['user'], $_POST['pass']);
```

Nhoj Posted January 20, 2008

Personally... I think this might simplify things for you... Although, I would simply look further into the mysql_real_escape_string function.

```php
mysql_connect('*****', '******', '*******') or die(mysql_error());
mysql_select_db('********') or die(mysql_error());

function checkauth($userid, $passid) {
    // Escape both values before they are placed inside the query string
    $userid = mysql_real_escape_string($userid);
    $password = mysql_real_escape_string($passid);

    // Let the database count matching rows instead of looping over the table
    $user_found = mysql_result(mysql_query('SELECT count(0) FROM `users_table` WHERE `user` = "'.$userid.'" AND `password` = "'.$password.'"'), 0);

    if ($user_found) {
        $_SESSION['user'] = $userid;
    }
}

checkauth($_POST['user'], $_POST['pass']);
```

Daniel0 Posted January 20, 2008

You might want to encrypt the password which is stored in the database and use some sort of salt to significantly complicate brute-forcing and dictionary attacks if somebody somehow got access to the user table.
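
The two suggestions in the thread (keep user input out of the SQL text, and store salted passwords) combined into one login check, as an added example that is not code from any of the posters. It swaps the `mysql_*` functions for PDO prepared statements and uses PHP's `password_hash()` / `password_verify()`; the in-memory SQLite table, the `password_hash` column, the `login()` helper and the `alice` account are constructed for illustration.

```php
<?php
// Added example: constructed schema and sample account, not the poster's real table.
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (user TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

// Registration side: password_hash() generates a random salt and embeds it in the result.
$insert = $pdo->prepare('INSERT INTO users (user, password_hash) VALUES (?, ?)');
$insert->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

function checkauth(PDO $pdo, string $userid, string $passid): bool
{
    // Throwaway hash, verified when the user is unknown so both paths do similar work.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('placeholder', PASSWORD_DEFAULT);

    // The placeholder keeps user input out of the SQL text; only one row is fetched.
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE user = ?');
    $stmt->execute([$userid]);
    $hash = $stmt->fetchColumn(); // false when no such user

    $ok = password_verify($passid, $hash === false ? $dummy : $hash);
    return $ok && $hash !== false;
}

// Hypothetical wrapper showing where the session is updated after a successful check.
function login(PDO $pdo, string $userid, string $passid): bool
{
    if (!checkauth($pdo, $userid, $passid)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // issue a fresh session id on login
    }
    $_SESSION['user'] = $userid;
    return true;
}

var_dump(login($pdo, 'alice', 'correct horse'));   // valid credentials
var_dump(login($pdo, 'alice', 'wrong'));           // wrong password
var_dump(login($pdo, "x' OR '1'='1", 'anything')); // quote characters are treated as data
```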