If I run the following script I created, I enter in my username and password, and then I see the login script again, in which no matter what I enter, I am logged in as long as the first username and password I entered has been verified. I realize that with cookies you have to refresh the page before they become active, but I have a header to reload the script. Can anybody please explain what I have done wrong in the script below? Thanks a million!
PHP Code:<?php
// admin_access.php
if ($logout == "yes") {
setcookie("sgf_logged_in[0]");
setcookie("sgf_logged_in[1]");
echo "you have been logged out";
exit;
}
/* Include the files needed for the script */
include("db.php");
/*
set secret variable here, which
is combined with other variables
to make a hash.
*/
$secret_hash_variable = "############";
/*
if the login cookie doesn't exist,
display the login page; if the login
page has been already submitted, verify
the values and set the cookie, then
proceed with the page.
*/
if (!$HTTP_COOKIE_VARS['sgf_logged_in']) {
if ($form != "Site Admin Login") {
$maindatafile = "login";
include("blue.template");
exit;
}
else {
mysql_connect('localhost');
$verify_query = "SELECT * FROM sgf.users WHERE username='$username' AND password=PASSWORD('$password');";
$verify_result = mysql_query($verify_query);
if (mysql_num_rows($verify_result) == 0) {
$maindatafile = "login";
$feedback = "Invalid username/password combination. Please try again:";
include("blue.template");
exit;
}
else {
$query_results = mysql_fetch_array($verify_result);
$db_user_id = $query_results['user_id'];
$db_number_of_sessions = $query_results['number_of_sessions'];
$db_number_of_sessions++;
$sessions_update_query = "UPDATE sgf.users SET last_login = NULL, number_of_sessions = '$db1_number_of_sessions' WHERE user_id = '$db1_user_id';";
mysql_query($sessions_update_query);
$verify_query = "SELECT * FROM sgf.users WHERE user_id='$login_cookie[0]';";
$verify_result = mysql_query($verify_query);
$query_results = mysql_fetch_array($verify_result);
$db_first_name = $query_results['first_name'];
$db_last_name = $query_results['last_name'];
$db_email = $query_results['email'];
$db_username = $query_results['usernane'];
$db_password = $query_results['password'];
$db_last_login = $query_results['last_login'];
$db_number_of_sessions = $query_results['number_of_sessions'];
setcookie("sgf_logged_in[0]",$db_user_id);
setcookie("sgf_logged_in[1]",md5($db_user_id.$db_first_name.$db_last_name.$db_email.$db_username.$db_password.$db_last_login.$db_number_of_sessions.$secret_hash_variable));
header("Location: $PHP_SELF");
exit;
}
}
}
else {
$login_cookie = $HTTP_COOKIE_VARS[sgf_logged_in];
$verify_query = "SELECT * FROM sgf.users WHERE user_id='$login_cookie[0]';";
$verify_result = mysql_query($verify_query);
while ($query_results = mysql_fetch_array($verify_result)) {
$db_user_id = $query_results['user_id'];
$db_first_name = $query_results['first_name'];
$db_last_name = $query_results['last_name'];
$db_email = $query_results['email'];
$db_username = $query_results['usernane'];
$db_password = $query_results['password'];
$db_last_login = $query_results['last_login'];
$db_number_of_sessions = $query_results['number_of_sessions'];
}
$hash = md5($db_user_id.$db_first_name.$db_last_name.$db_email.$db_username.$db_password.$db_last_login.$db_number_of_sessions.$secret_hash_variable);
if ($login_cookie[1] != $hash) {
echo "AAAUGH IT DID NOT WORK!<br>$login_cookie[0]; $login_cookie[1]<br><br>$login_cookie[1]<br>$hash";
exit;
}
else {
//the page will continue.
echo "It works!!!";
}
}
?>
Bookmarks