cozzy1984 Posted February 3, 2008

Hi, I'm still in early processes of trying to learn PHP and have done a basic form so far for registration on the site I am designing, however I don't know too much about the security side of it and am afraid that my code may not be too secure. Was wondering if possible someone could look at it and tell me if it's really vulnerable to attacks. I still have to do a check on the invalid characters for username and prevent it from having spaces, which I'm trying to figure out. Cheers

<?php
// Start a session
session_start();
include("database.php");
include("login.php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Ad'll Do</title>
<link rel='stylesheet' type='text/css' href='css/base.css' />
<script language="javascript">
function info(director) {
  document.getElementById('directions').innerHTML = director;
}
function infotitle(text) {
  document.getElementById('directionstitle').innerHTML = text;
}
</script>
</head>
<body class='home'>
<div id='top'>
  <a href="mailto:cozzy1@gmail.com" class="contact"><img src="img/contact.png" alt="" /><span>Contact Us</span></a>
</div>
<div id='mastheadwrapper'>
  <div id='masthead'>
    <ul id='smallnav'>
      <li><a href='index.php'>Home</a> | </li>
      <li><a href='register.php';">Sign Up</a> FREE!</li>
    </ul>
  </div>
</div><!-- end div masthead -->
</div><!-- end div masthead wrapper -->
<div id='menu'>
  <ul class="mainmenu">
    <li><a href="#" onClick="sendRequest('home.php');">Computers</a></li>
    <li><a href="#">Electrical</a></li>
    <li><a href="#">Home & Garden</a></li>
    <li><a href="#">Music</a></li>
    <li><a href="#">Pets</a></li>
    <li><a href="#">Sport & Leisure</a></li>
  </ul>
  <div id='searchbar'>
    <form action='#' method='post'>
      <input type='text' name='searchtext' size='20' />
      <input class='searchbtn' type='submit' value='' title="Search" />
    </form>
  </div>
</div>
<div id='contentwrapper'>
  <ul id='bignav'>
    <li id="nav-home"><a href="index.php"></a></li>
    <li id="nav-about"><a href="#"></a></li>
    <li id="nav-faqs"><a href="#"></a></li>
  </ul>
  <div id='maincontent'>
    <div id='content'>
<?php
if (isset($_POST['submit'])) {
  $username = trim($_POST['username']);
  $password = $_POST['password'];
  $password2 = $_POST['password2'];
  $md5password = md5($_POST['password']);
  $email = $_POST['email'];
  $forename = $_POST['forename'];
  $surname = $_POST['surname'];
  $location = $_POST['location'];
  $ip = $_SERVER['REMOTE_ADDR'];

  if($username && strlen($username) >= 3){
    $query = mysql_query("SELECT username FROM users WHERE username ='$username' LIMIT 1");
    if(@mysql_num_rows($query)){
      $error['userexists'] = 'Username already exists';
      $usernameerror = 'regerrorwrong';
    }
  } else {
    $error['usernameinput'] = 'Username Invalid';
    $usernameerror = 'regerrorwrong';
  }

  if (!$username || !$password || !$email || !$forename || !$surname || !$location) {
    $error['reqfieldsinput'] = 'Please complete all the fields below ';
  }

  if($password && $password2) {
    if($password != $password2) {
      $error['dontmatch'] = 'Passwords don\'t match';
      $passworderror = 'regerrorwrong';
    }
  } else {
    $error['passwordinput'] = 'Enter password in both fields';
    $passworderror = 'regerrorwrong';
  }

  if($email){
    if(!eregi("^[a-zA-Z0-9]+[a-zA-Z0-9_.-]*@[a-zA-Z0-9]+[a-zA-Z0-9_.-])*\.[a-z]{2,4}$", $email)){
      $error['emailerror'] = 'Email Incorrect';
      $emailerror = 'regerrorwrong';
    } else {
      $query = mysql_query("SELECT username FROM users WHERE email='$email' LIMIT 1");
      if(@mysql_num_rows($query)){
        $error['emailexists'] = 'Email exists';
        $emailerror = 'regerrorwrong';
      }
    }
  } else {
    $error['emailinput'] = 'Email Required';
    $emailerror = 'regerrorwrong';
  }

  if(strlen($forename) > 15){
    $error['forename'] = 'Forename too long';
    $forenameerror = 'regerrorwrong';
  }

  if(strlen($surname) > 20){
    $error['surname'] = 'Surname too long';
    $surnameerror = 'regerrorwrong';
  }

  if ($location == 'Please Select'){
    $error['location'] = 'Please select a location';
    $locationerror = 'regerrorwrong';
  }

  $query = mysql_query("SELECT ipaddress FROM users WHERE ipaddress ='$ip' LIMIT 1");
  if(@mysql_num_rows($query)){
    $error['ipexists'] = 'You IP address already has an account registered';
  }
}

if(!$error && isset($_POST['submit'])){
  mysql_query("INSERT INTO users (username, password, email, forename, surname, location, ipaddress) VALUES ('$username', '$md5password', '$email', '$forename', '$surname', '$location', '$ip')");
?>
      <div id='postit'>
        <div id='scotchtape'>
          <img src='img/scotchtape.png' alt='' height='41' width='100'>
        </div>
        <h2>Registration Successful</h2>
        <?php echo "<p>Congratulations <span class='highlight'>$username</span>, your registration was successful. Your account has now been created with the following details:</p>";?>
      </div>
<?php
  echo "<p class='registered'><font color='#bc2525'>Username:</font> $username</p>";
  echo "<p class='registered'><font color='#bc2525'>Password:</font> $password</p>";
  echo "<p class='registered'><font color='#bc2525'>Email:</font> $email</p>";
  echo "<p class='registered'><font color='#bc2525'>Forename:</font> $forename</p>";
  echo "<p class='registered'><font color='#bc2525'>Surname:</font> $surname</p>";
  echo "<p class='registered'><font color='#bc2525'>Location:</font> $location</p><br/><br/>";
  echo "<span class='box'>You may now login using the login form & begin creating adverts.</span>";
} else{
?>
      <div id='postit'>
        <div id='scotchtape'>
          <img src='img/scotchtape.png' alt='' height='41' width='100' />
        </div>
        <h2>Sign Up Form</h2>
        <p><span class='highlight'>Please enter your details below to register.</span><br/>Be advised that contact to you from buyers will be made through the email address that you supply therefore it must be a valid one.</p>
        <div id="helpicon"><img src='img/help_icon.png' alt='' height='70' width='70' /></div>
        <div id="directionstitle">Help Information</div>
        <div id="directions">This box will contain help relating to each section.<br/> All fields are required.</div>
        <span class="regerror"><?php echo $error['reqfieldsinput']; ?></span><br/><span class="regerror"><?php echo $error['ipexists']; ?></span>
      </div>
      <form name="registration" method="post" class="regform" action="" enctype="application/x-www-form-urlencoded">
        <fieldset>
          <label for="username">Username:</label>
          <input name="username" type="text" id="username" maxlength="12" value="<?php echo $_POST['username']; ?>" onfocus="infotitle('Enter Username'); info('Your username must be between 3 and 12 characters in length and cannot contain any spaces.');" />
          <span class="<?php echo $usernameerror; ?>"><?php echo $error['userexists']; echo $error['usernameinput']; ?></span>
        </fieldset>
        <fieldset>
          <label for="password">Password:</label>
          <input name="password" type="password" id="password" maxlength="15" value="<?php echo $_POST['password']; ?>" onfocus="infotitle('Enter Password'); info('Your password can be any combination of characters and must be at least 4 chartacters in length.');" />
          <span class="<?php echo $passworderror; ?>"><?php echo $error['dontmatch']; echo $error['passwordinput']; ?></span>
        </fieldset>
        <fieldset>
          <label for="password2">Re-Type Password:</label>
          <input name="password2" type="password" id="password2" maxlength="15" value="<?php echo $_POST['password2']; ?>" onfocus="infotitle('Re-Enter Password'); info('Please re-enter your password to make sure it is correct');" />
        </fieldset>
        <fieldset>
          <label for="email">Email:</label>
          <input name="email" type="text" id="email" maxlength="35" value="<?php echo $_POST['email']; ?>" onfocus="infotitle('Enter Email Address'); info('Your email address is how buyers will intially contact you. Therefore it is essential that you supply the correct email. ');" />
          <span class="<?php echo $emailerror; ?>"><?php echo $error['emailinput']; ?><?php echo $error['emailerror']; echo $error['emailexists']; ?></span>
        </fieldset>
        <fieldset>
          <label for="forename">Forename:</label>
          <input name="forename" type="text" id="forename" maxlength="15" value="<?php echo $_POST['forename']; ?>" onfocus="infotitle('Enter Forename'); info('Your forename is needed for our records only, and won\'t be posted up for other users to see.');" />
          <span class="<?php echo $forenameerror; ?>"><?php echo $error['forename']; ?></span>
        </fieldset>
        <fieldset>
          <label for="surname">Surname:</label>
          <input name="surname" type="text" id="surname" maxlength="20" value="<?php echo $_POST['surname']; ?>" onfocus="infotitle('Enter Surname'); info('Again this is for our records only, other users will only know you by your username.');" />
          <span class="<?php echo $surnameerror; ?>"><?php echo $error['surname']; ?></span>
        </fieldset>
        <fieldset>
          <label for="county">Location:</label>
          <select name="location" onfocus="infotitle('Enter Location'); info('Please select the location that you live in, this will be displayed in your ads.');">
            <option value="Please Select">Please Select..</option>
            <option value="Co.Antrim">Co.Antrim</option>
            <option value="Co.Armagh">Co.Armagh</option>
          </select>
          <span class="<?php echo $locationerror; ?>"><?php echo $error['location']; ?></span>
        </fieldset>
        <br />
        <input type="submit" class="signupbtn" name="submit" value="" />
      </form>
<?php } ?>
    </div>
  </div>
  <div id='sidebar'>
    <div id='member'>
      <?php displaylogin(); ?>
    </div>
    <div id='categories'>
      <h2>Categories</h2>
      <ul class="cats">
        <li><a href="#">Computers</a></li>
        <li><a href="#">Electrical</a></li>
        <li><a href="#">Home & Garden</a></li>
        <li><a href="#">Music</a></li>
        <li><a href="#">Pets</a></li>
        <li><a href="#">Sport & Leisure</a></li>
      </ul>
    </div>
  </div>
  <div id='floatclearer'>.</div>
</div><!-- end div contentwrapper -->
<!--footer start -->
<div id="footerMain">
  <div id="footer">
    <ul>
      <li><a href="#">Computers</a>|</li>
      <li><a href="#">Electrical</a>|</li>
      <li><a href="#">Home & Garden</a>|</li>
      <li><a href="#">Music</a>|</li>
      <li><a href="#">Pets</a>|</li>
      <li><a href="#">Sports & Leisure</a>|</li>
      <li><a href="#">FAQs</a>|</li>
      <li><a href="#">Terms & Conditions</a>|</li>
      <li><a href="#">Contact Us</a></li>
    </ul>
    <p class="copyright">©Ad'll Do. All rights reserved.</p>
  </div>
</div>
<!--footer end -->
</body>
</html>

cozzy1984 Posted February 3, 2008

Anyone able to shed some light on whether my code is unsecure and how I could make it more secure, I would much appreciate it.

Aureole Posted February 3, 2008

Well for the "detecting spaces in the username" thing, you could try...

<?php
// strstr() takes the string to search first, then the text to look for.
strstr( $username, ' ' );
// The above will evaluate to true if a space is found in $username... false otherwise.

// Or how about...
// Split into a separate variable so $username itself is left unchanged.
$parts = explode( ' ', $username );
if( is_array( $parts ) && count( $parts ) > 1 ) {
  // There was at least one space in $username
}
?>

Those are probably bad ways of doing it, but I'm just trying to help... As far as checking for invalid characters goes, you want to use preg_match() and as far as security goes... I don't really know anything about security in PHP... Though I hear mysql_real_escape_string() works well.
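
Added example (not part of the thread and not any poster's code): one way to handle the registration fields discussed above, with an allow-list preg_match() for the username, PDO prepared statements in place of SQL built from $_POST strings (the mysql_* extension used in the first post was removed in PHP 7), password_hash() in place of md5(), and htmlspecialchars() when input is echoed back. The in-memory SQLite database, the function names validate_username() and register(), and the sample submissions are assumptions for illustration; the table and column names follow the first post.

```php
<?php
// Added example. Assumptions: PDO with the sqlite driver; an in-memory table stands in for `users`.
function validate_username(string $raw): ?string
{
    $u = trim($raw);
    // Allow-list: 3-12 letters, digits or underscores; spaces, quotes and markup are rejected.
    return preg_match('/\A[A-Za-z0-9_]{3,12}\z/', $u) === 1 ? $u : null;
}

function register(PDO $db, array $post): array
{
    $errors = [];
    $username = validate_username($post['username'] ?? '');
    if ($username === null) {
        $errors['usernameinput'] = 'Username Invalid';
    }
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors['emailerror'] = 'Email Incorrect';
    }
    $password = $post['password'] ?? '';
    if ($password === '' || $password !== ($post['password2'] ?? '')) {
        $errors['dontmatch'] = 'Passwords missing or don\'t match';
    }
    if (!$errors) {
        // Bound parameters: submitted values never become part of the SQL text.
        $q = $db->prepare('SELECT 1 FROM users WHERE username = ? OR email = ?');
        $q->execute([$username, $email]);
        if ($q->fetchColumn()) {
            $errors['userexists'] = 'Username or email already exists';
        }
    }
    if (!$errors) {
        $ins = $db->prepare('INSERT INTO users (username, password, email) VALUES (?, ?, ?)');
        // Salted, deliberately slow hash instead of md5(); the plain password is never stored.
        $ins->execute([$username, password_hash($password, PASSWORD_DEFAULT), $email]);
    }
    return $errors;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT UNIQUE, password TEXT, email TEXT UNIQUE)');
// Constructed sample submissions: one valid, one with a space, a quote and markup in the username.
$ok  = ['username' => 'cozzy_84', 'password' => 'pw-1234', 'password2' => 'pw-1234', 'email' => 'user@example.com'];
$bad = ['username' => "o'neil <b>", 'password' => 'pw-1234', 'password2' => 'pw-1234', 'email' => 'user2@example.com'];
var_dump(register($db, $ok), register($db, $bad));
// Escape on output when re-filling the form, rather than echoing $_POST directly.
echo htmlspecialchars($bad['username'], ENT_QUOTES, 'UTF-8'), "\n";
```

The same htmlspecialchars() call applies to every place the first post echoes a submitted value, including the value="..." attributes and the confirmation page, which also should not print the password back.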