  1. #1
    011110010110000101111001 jabird's Avatar
    Join Date
    Aug 2004
    Location
    U.S.
    Posts
    593

    Scary Login Issue

    As I was logging into my CMS today, I typed my password, hit enter, and the second I hit enter, I thought "Oh crap that was the wrong password". But it let me login anyway. So I logged out and tried a few more bogus passwords... I logged in every time... I even tried a different username (that's not even in the database) and it let me login! SCARY!!

    My process_login.php is:

    PHP Code:
    <?php
    // Start the session
    session_start();

    // Include it all
    include('../includes.php');

    // Get Form Contents
    if ( isset($_POST['submit']) ) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);

        $sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password' LIMIT 0,1";

        $result = @mysql_query($sql);
        if ( !$result ) {
            die('Database Error - Query');
        }
        if ( mysql_num_rows($result) == ) {
            $_SESSION['auth'] = 1;
            $_SESSION['username'] = $username;

            $loc = 'index.php';
            header("location:$loc");
            exit;
        }
    }
    ?>
    I've changed SEVERAL things around, and nothing fixed it. I have cleared my cookies and all that stuff, it didn't fix it. I even restarted...

    Can anyone see the error in that script?

    Thanks,
    ~Jabird
    Jabird.com
    If I were binary... I'd be all 1's for you.
    BBCode trouble?

  2. #2
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    what do you get if you do a fetch instead of a num_rows on the MySQL result?
    PHP News, Views and Community: http://www.phpdeveloper.org

  3. #3
    011110010110000101111001 jabird's Avatar
    Like:

    if ( mysql_fetch_array($result) ) {

    ?? If so, the same problem...

  4. #4
    SitePoint Guru enygmadae's Avatar
    no....more of something like:

    PHP Code:
     while($row=mysql_fetch_assoc($query)){ $arr[]=$row; }
     
    print_r($arr); 
    and see what's in $arr...

  5. #5
    SitePoint Member
    Join Date
    Jul 2005
    Posts
    11

    solution

    If the above code is the same u r using at your cms ... then the problem is that your query is not executing, and as your query is not executing, your if condition is not working and because of this any user can login with the wrong user name and password.

    and the solution for that is ....

    $result = @mysql_query($sql); ........ this line is wrong as u are not supposed to use @ sign before mysql_query

    just remove this from here and your cms starts working properly.
    Regards
    Ramneek Chadha
    Xaprio Solutions

  6. #6
    SitePoint Addict
    Join Date
    Jan 2004
    Location
    New York
    Posts
    254
    My guess is you still have the session cookies and it keeps that $_SESSION['auth'] = 1. This is the variable you use to verify that they are logged in? If so:
    PHP Code:
    <?php
    session_start();
    include('../includes.php');

    if ( isset($_POST['submit']) ) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);

        $sql = "SELECT * FROM users WHERE username = '$username' AND password = '$password' LIMIT 0,1";

        $result = @mysql_query($sql);
        if ( !$result ) {
            die('Database Error - Query');
            // there should be something like this to reset their status:
            $_SESSION['auth'] = 0; // or whatever a 'fail' auth value is.
            $_SESSION['username'] = null;
        }
        if ( mysql_num_rows($result) == ) {
            $_SESSION['auth'] = 1;
            $_SESSION['username'] = $username;

            $loc = 'index.php';
            header("location:$loc");
            exit;
        }
    }
    ?>

  7. #7
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Quote Originally Posted by Ramneek
    If the above code is the same u r using at your cms ... then the problem is that your query is not executing, and as your query is not executing, your if condition is not working and because of this any user can login with the wrong user name and password.

    and the solution for that is ....

    $result = @mysql_query($sql); ........ this line is wrong as u are not supposed to use @ sign before mysql_query

    just remove this from here and your cms starts working properly.
    The @ suppresses any errors. But you are on the right track. Instead of
    PHP Code:
    $result = @mysql_query($sql); 
    do

    PHP Code:
    $result = mysql_query($sql) or die(mysql_error());
    Dylan

  8. #8
    SitePoint Enthusiast Gonik's Avatar
    Join Date
    May 2005
    Location
    Thessaloniki, Greece
    Posts
    71
    try this one..

    PHP Code:
    <?php
    // Start the session
    session_start();
    // Include it all
    include('../includes.php');

    // Get Form Contents
    if ( isset($_POST['submit']) ) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);

        $result = @mysql_query("SELECT * FROM users WHERE username = '$username' ") or die ('Database Error - Query.MySQL returned: '.mysql_error());

        $userinfo = mysql_fetch_array($result);
        if ($password == $userinfo['password']) {
            $_SESSION['auth'] = 1;
            $_SESSION['username'] = $username;

            $loc = 'index.php';
            header("Location: $loc");
            exit;
        }
        exit;
    }
    ?>
    Don't Drink & Surf The Net

  9. #9
    011110010110000101111001 jabird's Avatar
    owch, I think I messed a few things up on my frantic-ness =\ Luckily I have backups, I'll just restore it and fix the problem...

    I'll get back to you if there are any more problems, thanks

  10. #10
    011110010110000101111001 jabird's Avatar
    Thanks for all the posts guys, you must have beat me before my post... anyway, that was not the original script... that was a very quick thrown together thing based off of a pretty outdated script... here's my real one, that I just restored:

    PHP Code:
    <?php
    session_start();
    include('../includes.php');
    if(isset($_POST['submit'])) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);
        $securepass = md5($password);
    }
    $sql = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$securepass' LIMIT 0,1");
    $result = ($sql);
    if ( !$result ) {
        die('Database Error - Query');
    }
    $row = mysql_fetch_array($sql);
    $userid = $row['id'];
    $_SESSION['userid'] = $userid;
    if($row['user_level'] = 2) {
        $_SESSION['user_level'] = 2;
        $_SESSION['usr'] = ''.$username.'';
        $loc = "".$domain."".$path."";
        header("Location:$loc");
        exit;
    } else {
        echo("Login failed. Try again.<br />");
        include($_SERVER['DOCUMENT_ROOT'].'/login/login.php');
        exit;
    }
    ?>
    I still have that same problem though...

  11. #11
    011110010110000101111001 jabird's Avatar
    Btw, my logout and login scripts if they are of any use:

    Logout.php
    PHP Code:
    <?php
    // initialize the session
    session_start();

    // Destroy the session
    $_SESSION = array();
    session_destroy();

    // Redirect to login.php
    $loc = '../index.php';
    header("location:$loc");
    exit;
    ?>
    Login.php
    PHP Code:
    <?php
    // Initialize the session
    session_start();
    ?>
    <form method="post" action="process_login.php">
    <strong>Username:</strong><br />
    <input type="text" name="username" value="" /><br />
    <strong>Password:</strong><br />
    <input type="password" name="password" value="" /><br /><br />
    <input type="submit" name="submit" value="Submit" />
    </form>

  12. #12
    SitePoint Addict
    When you logout and login with the bogus username/password, do you still get in? If you don't, then this is a cookies management problem.

    To further the debugging: in your login.php, put
    PHP Code:
    var_dump($_SESSION);
    Log out, and go to the login.php page (don't put in anything). What does the var_dump() say?

    Now login with the correct login. Go back to login.php (don't log out) and see what the var_dump() says now.
    If all the $_SESSION values are there, then it is a simple case of adding that extra code I suggested.

  13. #13
    011110010110000101111001 jabird's Avatar
    I don't understand what you're saying =\

    When I logout, I go to login.php and hit submit? and it's supposed to say something on login.php? also, does it matter where I put the var_dump thing? or just anywhere?

  14. #14
    011110010110000101111001 jabird's Avatar
    Alright, I put it right below session_start(); as a test, and got:

    array(0) { }

    does that help?

  15. #15
    011110010110000101111001 jabird's Avatar
    array(3) { ["userid"]=> string(1) "1" ["user_level"]=> int(2) ["usr"]=> string(5) "admin" }

    when I login with the correct user/pass...

  16. #16
    SitePoint Evangelist klik's Avatar
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    547
    PHP Code:
    <?php
    session_start();
    include('../includes.php');
    if(isset($_POST['submit'])) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);
        $securepass = md5($password);
    }
    $sql = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$securepass' LIMIT 0,1");
    $login_check = mysql_num_rows($sql);
    if ( !$sql )
    {
        die('Database Error - Query');
    }
    if($login_check > 0)
    {
        $row = mysql_fetch_array($sql);
        $userid = $row['id'];
        $_SESSION['userid'] = $userid;
        if($row['user_level'] == 2) {
            $_SESSION['user_level'] = 2;
            $_SESSION['usr'] = ''.$username.'';
            $loc = "".$domain."".$path."";
            header("Location:$loc");
            exit;
        }
    }
    else
    {
        echo("Login failed. Try again.<br />");
        include($_SERVER['DOCUMENT_ROOT'].'/login/login.php');
        exit;
    }
    ?>

  17. #17
    SitePoint Addict
    Let's just forget what I said, and try out my suggestion if it's confusing you.

    Here is what I suggest:
    PHP Code:
    <?php
    session_start();
    include('../includes.php');
    if(isset($_POST['submit'])) {
        $username = trim($_POST['username']);
        $password = trim($_POST['password']);
        $securepass = md5($password);
    }
    $sql = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$securepass' LIMIT 0,1");
    $result = ($sql);
    if ( !$result ) {
        die('Database Error - Query');
        /*
        the additional code is below. one line needed
        This resets their status, in case they logged in before.
        */
        $_SESSION = array();
    }
    $row = mysql_fetch_array($sql);
    $userid = $row['id'];
    $_SESSION['userid'] = $userid;
    if($row['user_level'] = 2) {
        $_SESSION['user_level'] = 2;
        $_SESSION['usr'] = ''.$username.'';
        $loc = "".$domain."".$path."";
        header("Location:$loc");
        exit;
    } else {
        echo("Login failed. Try again.<br />");
        include($_SERVER['DOCUMENT_ROOT'].'/login/login.php');
        exit;
    }
    ?>

  18. #18
    011110010110000101111001 jabird's Avatar
    No, the usr part is right... it has nothing to do with the login at all... it is just to get the person's username so I can make a welcome message for them... I'll try that script real quick, thanks...

    EDIT: With that script I can still login as whoever I want...
    EDIT 2: Oops... I tried both scripts now, didn't notice I had 2 new posts... both have the same problem though =\

  19. #19
    SitePoint Evangelist klik's Avatar
    jabird - I updated my code. You had a comparison error, using one equals instead of 2.


    EDIT - Updated yet again to count the rows returned.

  20. #20
    011110010110000101111001 jabird's Avatar
    woohoo... those comparisons always get me

    now only a real user can login with a real password!

    Is there an easy way to give an error if no login? like redirect to login.php saying they need to supply a correct username/pass? right now if it fails, I just get a blank screen...

  21. #21
    SitePoint Evangelist klik's Avatar
    Just use header to redirect them to a page you want. As you did for a successful login.

  22. #22
    011110010110000101111001 jabird's Avatar
    Well apparently your update fixed that problem... it now redirects to login.php upon error...

    Thanks for all your help

  23. #23
    SitePoint Enthusiast zfade3's Avatar
    Join Date
    Jul 2005
    Location
    Endor
    Posts
    78
    I think the problem is in your if condition:

    PHP Code:
    if($row['user_level'] = 2) { 
    should be:

    PHP Code:
    if($row['user_level'] == 2) { 
    otherwise, you are just assigning the $row['user_level'] with a value of 2 and login will never fail.

    Jimmy Z

    EDIT - oops, you already got it.
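
Added example, not part of the thread or any poster's code: the condition tracked down above, `if ($row['user_level'] = 2)`, isolated next to a login check that fails closed. The buggy check accepts even a missing row, while the hardened one rejects a wrong password, an unknown user and a non-level-2 account. It assumes PDO with an in-memory SQLite table (constructed sample data) in place of the thread's `mysql_*` calls and `password_hash()`/`password_verify()` in place of `md5()`; `buggyCheck()`, `authenticate()` and the sample accounts are hypothetical.

```php
<?php
declare(strict_types=1);

// Constructed sample data: an in-memory SQLite table standing in for `users`.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,
           password TEXT, user_level INTEGER)');
$ins = $db->prepare('INSERT INTO users (username, password, user_level) VALUES (?, ?, ?)');
$ins->execute(['admin', password_hash('s3cret-admin', PASSWORD_DEFAULT), 2]);
$ins->execute(['guest', password_hash('s3cret-guest', PASSWORD_DEFAULT), 1]);

// The thread's condition in isolation. The original got false from
// mysql_fetch_array() when nothing matched; null is passed here so the demo
// runs without a deprecation notice on PHP 8.1+. "=" assigns 2, and the
// value of the assignment (2) is truthy, so the branch is always taken.
function buggyCheck($row): bool
{
    if ($row['user_level'] = 2) {
        return true;
    }
    return false;
}

// Hypothetical helper: returns the user row only if every check passes.
function authenticate(PDO $db, string $username, string $password): ?array
{
    // Bound parameter: the submitted value never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT id, username, password, user_level
                          FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($row === false) {                       // no such user: stop here
        return null;
    }
    if (!password_verify($password, $row['password'])) {
        return null;
    }
    if ((int) $row['user_level'] !== 2) {       // comparison, not assignment
        return null;
    }
    unset($row['password']);                    // never hand the hash onward
    return $row;
}

var_dump(buggyCheck(null));                                      // no row at all
var_dump(authenticate($db, 'admin', 's3cret-admin') !== null);   // valid admin
var_dump(authenticate($db, 'admin', 'wrong') !== null);          // bad password
var_dump(authenticate($db, 'nobody', 'whatever') !== null);      // unknown user
var_dump(authenticate($db, 'guest', 's3cret-guest') !== null);   // not level 2
```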

  24. #24
    011110010110000101111001 jabird's Avatar
    Heheh thanks for the suggestion anyway...

    btw, is your avatar supposed to represent binary? if so... there's a 2 in there =\

  25. #25
    SitePoint Enthusiast zfade3's Avatar
    The avatar is titled "Almost Binary" or something (one of the sitepoint avatars until I have 25 posts).


    Jimmy Z

