academ1c

  1. Okay, thanks for the SQL thing, I'll set that up now. Yeah, the session thing is strange. Thanks for your help though
  2. session_start(); is already at the top of every page. Should mention also that, if I load a page and it says authentication is fine, it will then tell me to login again as soon as I refresh it. With the SQL injections, would it be best just to make another variable which holds the string escaped one? For example: $a = 5; $a_escaped = mysql_real_escape_string($a);
  3. Hi all, got another question. I'm working on security for my database management project 'cept I'm having some trouble with it. Firstly, if I login I can go to a page that needs authorization just fine but as soon as I load another page it asks me to login again. Here is my functions.php script:

         <?php
         //salt function
         function generate_salt() {
             $salt = '';
             for ($i = 0; $i < 32; $i++) {
                 $salt .= chr(rand(35, 126));
             }
             return $salt;
         }

         function user_register($username, $password) {
             $salt = generate_salt(); //generate the salt
             $encrypted = md5(md5($password).$salt); //encrypt the password
             $query = "INSERT INTO user (username, password, salt) VALUES ('$username', '$encrypted', '$salt')";
             mysql_query($query) or die ('Could not create user');
         }

         function user_login($username, $password) {
             //get the user's salt
             $query = "SELECT salt FROM user WHERE username = '$username' LIMIT 1";
             $result = mysql_query($query);
             if (mysql_num_rows($result) > 0) {
                 //get the user
                 $user = mysql_fetch_array($result);
                 //use salt to re-encrypt password and check for a match
                 $encrypted_pass = md5(md5($password).$user['salt']);
                 //get userid from username + encrypted password
                 $query = "SELECT userid, username FROM user WHERE username = '$username' AND password = '$encrypted_pass'";
                 $result = mysql_query($query);
                 if (mysql_num_rows($result) > 0) {
                     $user = mysql_fetch_array($result);
                     //encrypt the data that will be stored in the session
                     $encrypted_id = md5($user['userid']);
                     $encrypted_name = md5($user['username']);
                     //store the data in a session
                     $_SESSION['userid'] = $user['userid'];
                     $_SESSION['username'] = $user['$username'];
                     $_SESSION['encrypted_id'] = $encrypted_id;
                     $_SESSION['encrypted_name'] = $encrypted_name;
                     //return ok code
                     return 'Correct';
                 } else {
                     return 'Invalid password,';
                 }
             } else {
                 return 'Invalid username,';
             }
         }

         function user_logout() {
             //unset all session vars and destroy session data
             session_unset();
             session_destroy();
         }

         function is_authed() {
             // Check if the encrypted username is the same
             // as the unencrypted one, if it is, it hasn't been changed
             if (isset($_SESSION['userid']) && md5($_SESSION['userid']) == $_SESSION['encrypted_id']) {
                 return true;
             } else {
                 return false;
             }
         }

         //new function from roScripts:
         //http://www.roscripts.com/Protect_against_SQL_Injection-72.html
         //use on mysql statements to protect against mysql injection attacks
         function clean_content($content) {
             $content = stripslashes(trim($content));
             $content = nl2br($content);
             $content = htmlentities($content);
             return $content;
         }
         ?>

     Note: the last bit with the comments, that's for my SQL injection prevention which I'll talk about later.

     Header file:

         <?php
         session_start();
         $db_server = "localhost";
         $db_username = "root";
         $db_password = "";
         $db_name = "forensic";
         $con = mysql_connect($db_server,$db_username,$db_password);
         if (!$con) {
             die('Could not connect to database: ' . mysql_error());
         } else {
             print '<div align="center">Connection to database was successful.<br /></div>';
         }
         mysql_select_db($db_name, $con) or die (mysql_error());
         srand(); //seed random number generator to improve "randomness" of salt
         include 'functions.php'; //include functions script (generate salt, user register, login, logout, check authorization)
         if (!is_authed()) {
             die ("<br /><p align='center'>You are not logged in. Please <a href='login_form.php'>login here</a></p>.");
         }
         ?>

     Finally, the login form:

         <?php if (isset($login_error)) { ?>
         <?php echo $login_error; ?> please try again.
         <?php } ?>
         <form action="login.php" method="post">
         <table>
         <tr><td><b>Username:</b></td>
         <td><input type="text" size="20" maxlength="20" name="username" <?php if (isset($_POST['username'])) { ?> value="<?php echo $_POST['username']; ?>" <?php } ?>/></td></tr>
         <tr><td><b>Password:</b></td>
         <td><input type="password" size="20" maxlength="32" name="password" /></td></tr>
         </table>
         <input type="submit" name="submit" value="Login" />
         </form>

     I *very* slightly modified this tutorial to do my authorization stuff. Not sure what is wrong with it there. If it's more than just a simple error with my code and you need to test it, just ask and I'll zip + send it.

     The other point is SQL injection for my login. Don't know if it's actually prone to it. The code below the comments at the end of the first script (just copied and pasted it from roScripts and left it there) is what I might use for SQL injection prevention but like I said, I'm not sure if it's necessary. Any guidance on this would be great. Sorry if any of this is hard to understand, I'm not very good at explaining stuff.
  4. I suppose I'm self-taught. Read PHP books and used W3 schools to learn all I currently know (which isn't very much :P).
  5. I'm 14 and male and have been coding since I was about 10 or 11 using Actionscript in Macromedia (now Adobe of course) Flash. When I was 11 I went to an "Adult Ed" course (normally you'd have to be 16 to get in... managed to get in though through my dad who was helping with the venue and was friends with the tutor). Done coding in Actionscript, C, C++, Javascript, HTML (I still suck at it, could never be bothered to learn it) and PHP. The only languages that I've actually achieved stuff with though are PHP and Actionscript (although I've forgotten most of the Actionscript I once knew, no need for it now). I would love to learn more PHP and C++ (and German and Cantonese...). Um... that's about it for now I think...
  6. Hi all! This will probably be a fairly lengthy post... So, firstly. A friend and I are writing a series of scripts that intend to teach some very basic PHP (ie: print/echo commands, variables etc, *very* simple stuff). The way we decided to do this was to create a simple login script (no encryption, this will be run on a local network and doing that would be an unnecessary waste of time). By registering with the script, a file is created with the username, eg: academ1c.php. After logging in, the idea is that the file is opened and the contents of a text area form is written to it. However, the latter (and most important part) of this project doesn't work. Through testing I've found that the problem is a $_SESSION variable that is being used to reference the current user throughout the script isn't being correctly assigned.

     The whole project is around 8-10 scripts. The login script was written by my friend while I have written pretty much the rest (yes, what I have done is currently less, but he was doing his from a tutorial). The scripts are as follows:

     Combined file. Brings together written tutorial as well as text area form (in which the user can edit his code).

         <html>
         <head>
         <frameset rows="60%,40%">
         <frame src="tutorial.php">
         <frame src="editor.php">
         </frameset>
         </html>
         </head>

     The previously mentioned editor file

         <html>
         <head>
         <form method="post" action="writecode.php">
         <textarea rows="10" cols="75" name="code">Code goes here.</textarea>
         <br/>
         <input type="submit" name="submit" value="Submit Code"></input>
         </form>
         </head>
         </html>

     The previously mentioned tutorial file. Still a WIP as you can see

         <html>
         <head>
         <title>PHP Tutorial</title>
         <h1>Welcome to PHP!</h1>
         </head>
         <body>
         This tutorial will teach you some of the fundamentals of the PHP programming language.
         </body>
         </html>

     The login script

         <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
         <tr>
         <form name="form1" method="post" action="checklogin.php">
         <td>
         <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
         <tr>
         <td colspan="3"><strong>Member Login</strong></td>
         </tr>
         <tr>
         <td width="78">Username</td>
         <td width="6">:</td>
         <td width="294"><input name="myusername" type="text" id="myusername"></td>
         </tr>
         <tr>
         <td>Password</td>
         <td>:</td>
         <td><input name="mypassword" type="password" id="mypassword"></td>
         </tr>
         <tr>
         <td> </td>
         <td> </td>
         <td>
         <input type="submit" name="Submit" value="Login">
         <a href="newuser.php">Register</a>
         </td>
         </tr>
         </table>
         </td>
         </form>
         </tr>
         </table>

     The add user script. This is where the users' files are created. Currently working!

         <?php
         $host="localhost"; // Host name
         $username="root"; // Mysql username
         $password=""; // Mysql password
         $db_name="science_tutorial"; // Database name
         $tbl_name="members"; // Table name

         // Connects to your Database
         mysql_connect("$host", "$username", "$password") or die("Cannot connect.");
         mysql_select_db("$db_name")or die("cannot select DB");

         // This makes sure both passwords entered match
         if (!$_POST['myusername'] || !$_POST['mypassword'] || !$_POST['mypassword2'] ) {
             die('You did not complete all of the required fields.');
         }

         //Assign the username to a variable.
         $currentuser = $_POST['myusername'];

         // Now we insert it into the database
         $insert = "INSERT INTO $tbl_name (Name, username, password) VALUES ('".$_POST['myname']."', '".$_POST['myusername']."', '".$_POST['mypassword']."')";
         $add_member = mysql_query($insert);

         //Create a file for the user.
         $currentuser = fopen("$currentuser.php","x+");
         ?>
         <h1>Registered</h1>
         <p>Thank you, you have registered - you may now <a href ="login.php">login.</a></p>

     This script checks the login details provided. It is here that the $_SESSION variables are declared.

         <?php
         $host="localhost"; // Host name
         $username="root"; // Mysql username
         //$password=""; // Mysql password
         $db_name="science_tutorial"; // Database name
         $tbl_name="members"; // Table name

         // Connect to server and select database.
         mysql_connect("$host", "$username", "$password")or die("cannot connect");
         mysql_select_db("$db_name")or die("cannot select DB");

         // username and password sent from signup form
         $myusername=$_POST['myusername'];
         $mypassword=$_POST['mypassword'];

         //assign username and password to session variables for access all over the script
         $_SESSION['myusername'] = $myusername;
         $_SESSION['mypassword'] = $mypassword;

         $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
         $result=mysql_query($sql);

         // Mysql_num_row is counting table row
         $count=mysql_num_rows($result);

         // If result matched $myusername and $mypassword, table row must be 1 row
         if($count==1){
             // Register $myusername, $mypassword and redirect to file "login_success.php"
             session_register("myusername");
             session_register("mypassword");
             header("location:loginsuccess.php");
         }
         else {
             echo "Wrong Username or Password";
         }
         ?>

     This script is displayed to the user when they have successfully entered their details.

         <html>
         <body>
         <?
         session_start();
         if(!session_is_registered(myusername)){
             header("location:main_login.php");
         }
         ?>
         <p>Login Successful!</p>
         <a href="combined.php">Click here to continue on to the tutorial!</a>
         </body>
         </html>

     This script simply provides a form which the user can use to register.

         <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
         <tr>
         <form name="form1" method="post" action="addlogin.php">
         <td>
         <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
         <tr>
         <td colspan="3"><strong>Member Login </strong></td>
         </tr>
         <tr>
         <td width="78">Name</td>
         <td width="6">:</td>
         <td width="294"><input name="myname" type="text" id="myname"></td>
         </tr>
         <tr>
         <td width="78">Username</td>
         <td width="6">:</td>
         <td width="294"><input name="myusername" type="text" id="myusername"></td>
         </tr>
         <tr>
         <td>Password</td>
         <td>:</td>
         <td><input name="mypassword" type="password" id="mypassword"></td>
         </tr>
         <tr>
         <td>Enter Password Again</td>
         <td>:</td>
         <td><input name="mypassword2" type="password" id="mypassword2"></td>
         </tr>
         <tr>
         <td> </td>
         <td> </td>
         <td><input type="submit" name="Submit" value="Login"></td>
         </tr>
         </table>
         </td>
         </form>
         </tr>
         </table>

     This script appears to be the faulty one. The idea is that it writes the contents of the previously submitted form to the user's PHP file. The two middle print commands are in place to check what variables are being sent and what ones aren't. The $code variable is successfully obtained but the $_SESSION variable isn't.

         <html>
         <head>
         <title>PHP Tutorial</title>
         </head>
         <body>
         <?php
         print "Begin write to file...<br />";
         $code = $_POST['code'];
         print $code . "<br />";
         $user = $_SESSION['myusername'];
         print $user . "<br />";
         $file = fopen("$user.php","w+") or exit("Unable to open file!");
         fwrite($file, $code);
         fclose($file);
         ?>
         </body>
         </html>

     Final Notes

     Please note, both my friend and I are beginners to PHP as this script probably demonstrates and I'm sure the error is something quite obvious. We have been testing this entirely on local servers but setting it up for testing is simple enough, all files go in some folder in the 'www' folder. Thanks in advance for any help that is given!
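
The questions in posts 2 and 3 above about escaping and salted md5, worked as an added example that is not part of the original posts: the same three functions rewritten with PDO prepared statements and password_hash()/password_verify(). It assumes PHP 7 or later (where the mysql_* functions no longer exist) with the pdo_sqlite extension, and uses an in-memory SQLite table in place of the poster's MySQL `user` table.

```php
<?php
// Added example, not the poster's code. Assumes PHP 7+ with pdo_sqlite; an
// in-memory SQLite database stands in for the MySQL `user` table.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE user (userid INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT UNIQUE NOT NULL, password TEXT NOT NULL)');

function user_register(PDO $pdo, string $username, string $password): void
{
    // password_hash() picks a random salt and embeds it in the result, so the
    // separate salt column and generate_salt() are not needed.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $pdo->prepare('INSERT INTO user (username, password) VALUES (?, ?)');
    $stmt->execute([$username, $hash]);
}

function user_login(PDO $pdo, string $username, string $password): bool
{
    // The placeholder sends $username as data; it is never parsed as SQL.
    $stmt = $pdo->prepare('SELECT userid, username, password FROM user WHERE username = ?');
    $stmt->execute([$username]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($user === false || !password_verify($password, $user['password'])) {
        return false; // unknown user and wrong password look the same to the caller
    }
    if (session_status() === PHP_SESSION_ACTIVE) { // i.e. session_start() has run
        session_regenerate_id(true); // fresh session id after login
        $_SESSION['userid'] = $user['userid'];
        $_SESSION['username'] = $user['username'];
    }
    return true;
}

function is_authed(): bool
{
    // Session data is stored server-side, so checking for userid is enough.
    return isset($_SESSION['userid']);
}

// Constructed sample accounts and login attempts.
user_register($pdo, 'alice', 'correct horse');
user_register($pdo, "o'brien", 'battery staple');
var_dump(user_login($pdo, 'alice', 'correct horse')); // valid credentials
var_dump(user_login($pdo, 'alice', 'wrong'));         // wrong password
var_dump(user_login($pdo, "o'brien", 'battery staple')); // apostrophe needs no escaping
var_dump(is_authed()); // reflects whether a session was active during login
```

On a real page, session_start() has to run before user_login() and is_authed() are called, as in the header file from post 3.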