PHP Newbie, My First Script, Login, Please help with security advice.
12-06-2008, 06:23 AM
Posts: 7
|
Hi, I'm new to PHP, I've written my first page (below) and it works. Can anyone tell me please if it can be improved (security wise).
Thank you.
PHP Code:
<?php
session_start(); // session start
require_once('include.php');

$form = $_POST['submit'];
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));

if(isset($form)) {
    if(isset($username) && isset($password) && $username !== '' && $password !== '') {
        $sql = mysql_query("SELECT * FROM `usersystem` WHERE username='$username' and password='$password'");
        if( mysql_num_rows($sql) != 0 ) { //success
            $row=mysql_fetch_array($sql);
            $_SESSION['logged-in'] = true;
            $_SESSION['username'] = $row['username'];
            $_SESSION['level'] = $row['level'];
            header('Location: red.php');
            exit;
        } else {
            $error = "<h1>Incorrect login details</h1>";
        }
    } else {
        $error = "<h1>All information is not filled out correctly</h1>";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
<style>
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
</head>
<body>
<center><br><br><br><br>
<h1>Login</h1>
<?php echo "$error"; ?>
<table cellspacing=1 cellpadding=5>
<tr><td class=listtitle colspan=2>Please enter your Username and Password</td></tr>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" />
<tr><td class=list align=right>Username:</td><td class=list><input name="username" type="text" /></td></tr>
<tr><td class=list align=right>Password:</td><td class=list><input name="password" type="password" /></td></tr>
<tr><td class=listtitle align=right colspan=2><input name="submit" type="submit" value="Log In" /></td></tr>
</center></form>
</body>
</html>
12-06-2008, 11:05 AM
Posts: 340
Name: Jon
Location: New York
|
Okay, not too bad, but first thing is that your HTML section did not pass the W3C validation test; here is the corrected version of that:
HTML Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
<style type="text/css">
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; } b { FONT-WEIGHT: bold; } .listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; } td.list { BACKGROUND: #EEEEEE; white-space: nowrap; } </style>
</head>
<body>
<center>
<br /><br /><br /><br />
<h1>Login</h1>
<?php
echo "$error";
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table cellspacing='1' cellpadding='5'>
<tr><td class='listtitle' colspan='2'>Please enter your Username and Password</td></tr>
<tr><td class='list' align='right'>Username:</td><td class='list'><input name="username" type="text" /></td></tr>
<tr><td class='list' align='right'>Password:</td><td class='list'><input name="password" type="password" /></td></tr>
<tr><td class='listtitle' align='right' colspan='2'><input name="submit" type="submit" value="Log In" /></td></tr>
</table>
</form>
</center>
</body>
</html>
Now that should pass; you can check here -> http://validator.w3.org/#validate_by_input
As for your code, not much needed to be changed with that, just make sure when you want to see if something equals or doesn't use this == in your if statements, you did that for the first one but not the second, as the second you are saying
type deal
So here it all is
PHP Code:
<?php
session_start(); // session start
require_once('include.php');

$form = $_POST['submit'];
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));

if(isset($form)) {
    if(isset($username) && isset($password) && $username !== '' && $password !== '') {
        $sql = mysql_query("SELECT * FROM `usersystem` WHERE username='$username' and password='$password'");
        if( mysql_num_rows($sql) !== 0 ) { //success
            $row=mysql_fetch_array($sql);
            $_SESSION['logged-in'] = true;
            $_SESSION['username'] = $row['username'];
            $_SESSION['level'] = $row['level'];
            header('Location: red.php');
            exit;
        } else {
            $error = "<h1>Incorrect login details</h1>";
        }
    } else {
        $error = "<h1>All information is not filled out correctly</h1>";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
<style type="text/css">
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
<body>
<center>
<br /><br /><br /><br />
<h1>Login</h1>
<?php echo "$error"; ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table cellspacing='1' cellpadding='5'>
<tr><td class='listtitle' colspan='2'>Please enter your Username and Password</td></tr>
<tr><td class='list' align='right'>Username:</td><td class='list'><input name="username" type="text" /></td></tr>
<tr><td class='list' align='right'>Password:</td><td class='list'><input name="password" type="password" /></td></tr>
<tr><td class='listtitle' align='right' colspan='2'><input name="submit" type="submit" value="Log In" /></td></tr>
</table>
</form>
</center>
</body>
</html>
I suggest that you compare my revision against yours so you know what I changed in it, and when doing HTML don't forget the ' ' in your tags, like <td class='something'> not <td class=something>; that won't pass the validation. It may work on some browsers though if you do it the 2nd way.
HTH Jon
__________________
AMW_Drizz
Dev Machine:: Apache 2.2.6 PHP 5.2.6 MySQL 5.1
12-06-2008, 01:35 PM
Posts: 487
Name: Mark Stegeman
Location: Netherlands, Europe
|
One small suggestion and one BIG security fix.
Suggestion:
You could use empty(); instead of a combination of isset(); and !==''.
Security:
It's not wise to use $_SERVER['PHP_SELF'] as form action, because it's very vulnerable to XSS attacks.
You should always filter by an input function. htmlentities(); for example.
__________________
<?php ($helpfull>0)?$talkupation++ : '';?>
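The PHP_SELF point above, shown as an added example that is not part of any post in the thread: PHP_SELF carries whatever path info follows the script name, so echoing it unescaped lets the URL contribute markup to the page. The function names and the sample request paths are constructed for illustration.

```php
<?php
// Added example, not code from the thread. $self stands in for
// $_SERVER['PHP_SELF']; the sample values below are constructed.

// The pattern from the original script: the value goes into the attribute as-is.
function form_tag_raw($self)
{
    return '<form action="' . $self . '" method="post">';
}

// The suggested fix: encode the value for an HTML attribute before output.
// ENT_QUOTES also encodes single quotes, which matters for '...' attributes;
// the charset matches the page's iso-8859-1 meta tag.
function form_tag_escaped($self)
{
    return '<form action="' . htmlspecialchars($self, ENT_QUOTES, 'ISO-8859-1') . '" method="post">';
}

// Count how many HTML tags open in a string.
function count_tags($html)
{
    return preg_match_all('/<[a-z]/i', $html, $m);
}

$samples = array(
    '/login.php',                    // ordinary request
    '/login.php/"><b>injected</b>',  // extra path info closes the attribute and the tag
);

foreach ($samples as $self) {
    $raw = form_tag_raw($self);
    $esc = form_tag_escaped($self);
    printf("PHP_SELF: %s\n", $self);
    printf("  raw:     %s (tags: %d)\n", $raw, count_tags($raw));
    printf("  escaped: %s (tags: %d)\n", $esc, count_tags($esc));
}
```

The escaped version always contains exactly one tag, the form itself. $_SERVER['SCRIPT_NAME'] does not include the trailing path info, but it should still be encoded on output.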
12-06-2008, 05:30 PM
Posts: 7
|
Quote:
Originally Posted by amw_drizz
|
Thank You
Quote:
Originally Posted by Insensus
One small suggestion and one BIG security fix.
Suggestion:
You could use empty(); instead of a combination of isset(); and !==''.
Security:
It's not wise to use $_SERVER['PHP_SELF'] as form action, because it's very vulnerable to XSS attacks.
You should always filter by an input function. htmlentities(); for example.
|
Interesting, thank you.
Would you be able to post a modified copy of the code please so I can understand better? Many thanks.
Last edited by PHP-Devline; 12-06-2008 at 05:32 PM..
12-06-2008, 07:48 PM
Posts: 487
Name: Mark Stegeman
Location: Netherlands, Europe
|
PHP Code:
<?php
session_start(); // session start
require_once('include.php');

$form = $_POST['submit'];
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));

if(isset($form)) {
    if(!empty($username) && !empty($password)) {
        $sql = mysql_query("SELECT * FROM `usersystem` WHERE username='$username' and password='$password'");
        if( mysql_num_rows($sql) != 0 ) { //success
            $row=mysql_fetch_array($sql);
            $_SESSION['logged-in'] = true;
            $_SESSION['username'] = $row['username'];
            $_SESSION['level'] = $row['level'];
            header('Location: red.php');
            exit;
        } else {
            $error = "<h1>Incorrect login details</h1>";
        }
    } else {
        $error = "<h1>All information is not filled out correctly</h1>";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
<style>
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
</head>
<body>
<center><br><br><br><br>
<h1>Login</h1>
<?php echo "$error"; ?>
<table cellspacing=1 cellpadding=5>
<tr><td class=listtitle colspan=2>Please enter your Username and Password</td></tr>
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post" />
<tr><td class=list align=right>Username:</td><td class=list><input name="username" type="text" /></td></tr>
<tr><td class=list align=right>Password:</td><td class=list><input name="password" type="password" /></td></tr>
<tr><td class=listtitle align=right colspan=2><input name="submit" type="submit" value="Log In" /></td></tr>
</center></form>
</body>
</html>
__________________
<?php ($helpfull>0)?$talkupation++ : '';?>
12-07-2008, 05:52 AM
Posts: 7
|
Thank You Insensus 
02-08-2009, 07:34 AM
Posts: 7
|
Hi, I read that using SALT adds an extra layer of security. Have I done this correctly? Thank you.
PHP Code:
<?php
session_start(); // session start
require_once('include.php');

$form = $_POST['submit'];
$salt = "SoMeThInGhErE";
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($salt.$_POST['password']));

if(isset($form)) {
    if(!empty($username) && !empty($password)) {
        $sql = mysql_query("SELECT * FROM `usersystem` WHERE username='$username' and password='$password'");
        if( mysql_num_rows($sql) != 0 ) { //success
            $row=mysql_fetch_array($sql);
            $_SESSION['logged-in'] = true;
            $_SESSION['username'] = $row['username'];
            $_SESSION['level'] = $row['level'];
            header('Location: red.php');
            exit;
        } else {
            $error = "<h1><span style=\"color:red\"><center>Incorrect login details</center></span></h1>";
        }
    } else {
        $error = "<h1><span style=\"color:red\"><center>All information is not filled out correctly</center></span></h1>";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Login</title>
<style type="text/css">
*{ FONT-SIZE: 8pt; FONT-FAMILY: verdana; }
b { FONT-WEIGHT: bold; }
.listtitle { BACKGROUND: #425984; COLOR: #EEEEEE; white-space: nowrap; }
td.list { BACKGROUND: #EEEEEE; white-space: nowrap; }
</style>
</head>
<body>
<center>
<br /><br /><br /><br />
<h1>Login</h1>
<?php echo "$error"; ?>
<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
<table cellspacing='1' cellpadding='5'>
<tr><td class='listtitle' colspan='2'>Please enter your Username and Password</td></tr>
<tr><td class='list' align='right'>Username:</td><td class='list'><input name="username" type="text" /></td></tr>
<tr><td class='list' align='right'>Password:</td><td class='list'><input name="password" type="password" /></td></tr>
<tr><td class='listtitle' align='right' colspan='2'><input name="submit" type="submit" value="Log In" /></td></tr>
</table>
</form>
</center>
</body>
</html>
Last edited by PHP-Devline; 02-08-2009 at 07:36 AM..
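On the salt question in the post above, an added example that is not from any participant in the thread: it goes beyond the fixed $salt with md5() and shows per-user salting with PHP's built-in password_hash() and password_verify(), looking the user up with a bound parameter. It assumes PHP 5.5+ with the pdo_sqlite extension; the in-memory table mirroring `usersystem`, the register()/login() names and the sample users are constructed.

```php
<?php
// Added example, not code from the thread. Assumes PHP 5.5+ with pdo_sqlite;
// the in-memory table mirrors `usersystem` and the users are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE usersystem (username TEXT PRIMARY KEY, password TEXT, level INTEGER)');

// Registration: password_hash() generates a random salt for every call and
// stores it inside the returned string, so no shared $salt constant is needed.
function register(PDO $db, $username, $plain, $level)
{
    $stmt = $db->prepare('INSERT INTO usersystem (username, password, level) VALUES (?, ?, ?)');
    $stmt->execute(array($username, password_hash($plain, PASSWORD_DEFAULT), $level));
}

// Login: fetch the row by username only, then let password_verify() re-derive
// the hash using the salt and cost embedded in the stored value.
function login(PDO $db, $username, $plain)
{
    $stmt = $db->prepare('SELECT username, password, level FROM usersystem WHERE username = ?');
    $stmt->execute(array($username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Unknown user: verify against a throwaway hash so both paths do similar work.
    $hash = $row ? $row['password'] : password_hash('placeholder', PASSWORD_DEFAULT);
    $ok = password_verify($plain, $hash);
    if (!$row || !$ok) {
        return null;
    }
    return array('username' => $row['username'], 'level' => (int) $row['level']);
}

register($db, 'alice', 'correct horse', 1);
register($db, 'bob', 'correct horse', 2);

// Two users with the same password get different stored values, which a single
// site-wide salt prepended before md5() cannot provide.
$hashes = $db->query('SELECT password FROM usersystem ORDER BY username')->fetchAll(PDO::FETCH_COLUMN);
var_dump($hashes[0] !== $hashes[1]);
var_dump(login($db, 'alice', 'correct horse'));
var_dump(login($db, 'alice', 'wrong password'));
var_dump(login($db, 'nobody', 'correct horse'));
```

On a successful login the caller would copy the returned username and level into $_SESSION, as the scripts in the thread do.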