Page 1 of 1

What's wrong with this login check?

Posted: Sat Jan 08, 2005 11:22 pm
by Wldrumstcs
I have this put at the top of the admin pages to check whether or not there are cookies named "id","username", and "password". Then it is supposed to check those values against values in a DB. When there are no cookies and I try and access the page, I am blocked like how I should. However, I made a dummy cookie w/ values that weren't in the DB, it still allowed me to view the page.

Code: Select all

<?

mysql_connect("localhost","$username","$password") or die ("Unable to connect to MySQL server."); 
$db = mysql_select_db("$database") or die ("Unable to select requested database.");

$admin = 0;
if($_COOKIE[id] != '' AND $_COOKIE[username] != '' and $_COOKIE[password] !='') {
  $result = mysql_query("SELECT count(username) FROM teachers WHERE username='$_COOKIE[username]' AND password='$_COOKIE[password]' AND id='$_COOKIE[id]'");
  if($result > 0){
    $admin = 1;
}}

if($admin == 1) { ?>

BLAH BLAH BLAH BLAH.........

<?
}else{ echo "
<meta http-equiv='refresh' content='3;URL=login.php'>
<html>
<body bgcolor='#000000'>

	<div align='center'>
		<table border='0' width='100%' height='100%' id='table1' bgcolor='#FF7800' cellspacing='0' cellpadding='0'>
			<tr>
				<td align='center'>
				<p align='center'><font size='5'><b>You must be logged in to view this page</b></font><br><font size='3'>You are being redirected...</font></p></td>
			</tr>
		</table>
	</div>

	</body>
</html>
";}
?>

Posted: Sat Jan 08, 2005 11:37 pm
by feyd

Code: Select all

if(mysql_num_rows($result) &gt; 0)
  $admin = 1;

Posted: Sat Jan 08, 2005 11:56 pm
by shiznatix
ur best off using sessions unless you want them to be auto logged in at all times then use cookies but be careful of cookie stealers

Posted: Sun Jan 09, 2005 12:08 am
by Wldrumstcs
I changed those two lines, yet it still is letting me through w/ the dummy cookie.

Posted: Sun Jan 09, 2005 12:13 am
by John Cartwright
firstly,

Code: Select all

$_COOKIE&#1111;username]
should be

Code: Select all

$_COOKIE&#1111;'username']
and so forth...secondly make sure your cookies have the proper values.
I would also encrypt the data using [php_man]md5[/php_man] to proect the values. And lastly if your checking with num rows remove the count in the query

Posted: Sun Jan 09, 2005 12:13 am
by feyd
post your new code, please.

Posted: Sun Jan 09, 2005 12:19 am
by Wldrumstcs
NM, it works now that I deleted the "(count)". For the record, I do use MD5 protection. TY for the help.