<?php
// Potential bug.. Make sure that it does not update the last login field if they haven't logged in
include('functions.inc');
$lastlogon = date("l, M, d");
$pass = md5($pass);
$sql = "SELECT * FROM users where user='$uname' and pass='$pass'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
if ($row["user"] == $uname && $row["pass"] == $pass) {
    $lastlogon = date("l, M, d");
    if (setcookie("user", $uname, time()+604800, "/", "..com", "0")) {
        $sqll = "UPDATE users SET last_logon='$lastlogon' WHERE user='".$_POST['uname']."'";
        if (mysql_query($sqll)) {
            header("location: mypage");
        }
        else {
            echo "Couldn't update user<br />".$sqll."<br />".mysql_error()."";
        }
    }
    else {
        echo "Couldn't set cookie";
    }
}
else {
    $output = "<center><font face=arial size=-1 color=red>Username/Password do not match <a
href=loginbox.php>Click here to login again</a></font></center>";
    include('html.inc');
    start_header($output);
}
?>
This login script of mine has been working all the way up until today. Now it won't allow most people to login. However, when I reset the pass in my user field it allowed me to login. But it will not allow anybody else. I used a manual URL by grabbing the uname and pass from the db and entering it into the URL and trying to use the login script that way, but it wouldn't work.
Any ideas on why my code might have broken?
Thanks
Anthony
Bug I can't find
Just to rule out any register_globals problems I'd change:
$sql = "SELECT * FROM users where user='$uname' and pass='$pass'";
to:
$sql = "SELECT * FROM users where user='{$_POST['uname']}' and pass='{$_POST['pass']}'";
Also use echo $sql; to debug, to make sure the query is what you expect it to be. I'd also use mysql_error() to catch any query bugs that you might not be seeing.
$result = mysql_query($sql) or die(mysql_error());
It also looks like you are storing the passwords as plain text in the database as you are comparing it directly with a user submitted password and not md5()'ing the password they entered before doing the compare. You might want to change that if you can as plain text passwords are open to a level of abuse that you wouldn't get if you hashed/encrypted them.
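A hardened form of the login check discussed in this thread, as an added example that is not any poster's code: credentials are passed in explicitly rather than through register_globals, the query uses PDO placeholders instead of interpolating input into the SQL string, and rows still holding an md5 digest are upgraded to password_hash() on a successful login. The login() function, the SQLite table layout and the sample user are assumptions made for the illustration, and PDO stands in for the mysql_* calls used in the thread.

```php
<?php
// Added example: login(), the table layout and the sample user are assumptions.
function login(PDO $db, string $uname, string $pass): bool
{
    // The placeholder keeps user input out of the SQL text entirely.
    $st = $db->prepare('SELECT user, pass FROM users WHERE user = ?');
    $st->execute([$uname]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return false;
    }
    $stored = $row['pass'];
    if (strlen($stored) === 32 && ctype_xdigit($stored)) {
        // Legacy row: unsalted md5 hex digest, as the original script stores it.
        $ok = hash_equals($stored, md5($pass));
        $rehash = $ok;
    } else {
        $ok = password_verify($pass, $stored);
        $rehash = $ok && password_needs_rehash($stored, PASSWORD_DEFAULT);
    }
    if (!$ok) {
        return false; // last_logon is left untouched on a failed login
    }
    if ($rehash) {
        $db->prepare('UPDATE users SET pass = ? WHERE user = ?')
           ->execute([password_hash($pass, PASSWORD_DEFAULT), $row['user']]);
    }
    $db->prepare('UPDATE users SET last_logon = ? WHERE user = ?')
       ->execute([date('l, M, d'), $row['user']]);
    return true;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user TEXT PRIMARY KEY, pass TEXT, last_logon TEXT)');
$db->prepare('INSERT INTO users (user, pass) VALUES (?, ?)')
   ->execute(['alice', md5('s3cret-sample')]);

var_dump(login($db, 'alice', 'wrong'));          // failed attempt
var_dump(login($db, 'alice', 's3cret-sample'));  // legacy md5 row, upgraded on success
var_dump(login($db, 'alice', 's3cret-sample'));  // verified against the new hash
var_dump($db->query('SELECT last_logon FROM users')->fetchColumn());
```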