Page 1 of 1

PHP Session - Logging into wrong account

Posted: Mon Apr 18, 2011 1:45 pm
by goldensparrow01
Hi

My mate has a website and she has found recently that every now and then a user complains saying they have logged into the site but it logs them into another users account.

The script used is:

<?
require_once("conn.php");

$q1 = "SELECT * FROM members WHERE email='$email' AND password=SHA('$password') AND active =''";
$r1 = mysql_query($q1) or die(mysql_error());

if(mysql_num_rows($r1) == '1')
{

//ok
$a1 = mysql_fetch_array($r1);

$_SESSION[id] = $a1[id];
$_SESSION[email] = $a1[email];
$_SESSION[username] = $a1[username];


if(!empty($remember)){
setcookie("copname", $_SESSION['username'], time()+60*60*24*300, "/");
setcookie("coppass", $_SESSION['id'], time()+60*60*24*300, "/");

$set='yes';
}


if($a1[proscore]==0){
header("location:index.php?m=l&set=$set&ne=y");
}else{

header("location:$page?m=l&set=$set&ne=y");
}
exit();
}
else
{
header("location:$page?m=n");
exit();
}

Can anyone help with this issue please, I'd really appreciate it?

Cheers

Re: PHP Session - Logging into wrong account

Posted: Mon Apr 18, 2011 4:52 pm
by Darhazer
First of all, you are vulnerable to SQL injection.
Second, maybe the problem is not in the login script, but in the script after login (where you check who is the current user?)

Re: PHP Session - Logging into wrong account

Posted: Tue Apr 19, 2011 1:31 pm
by goldensparrow01
Thanks for quick reply.

I'll read up about SQL Injection.

Code for main page is:

Code: Select all

<? 
if(isset($_SESSION[id])){?>
Cheers