
AOL instant messenger profile script help...

Posted: Sat Aug 13, 2005 4:57 pm
by cheerio
hello all, i just started learning PHP 2-3 months ago, and i made my first script...but i think it's poorly written or has many security leaks in it and i would like it if someone can point out where there can be big holes throughout my script, or how i can make it better... i like to stay away from databases if i don't need them so please don't suggest that
i am also new to these forums so please don't like ban me or something if i am posting something bad or anything...

edit: got rid of that source links...gonna use the code tags sorry

Posted: Sat Aug 13, 2005 5:07 pm
by feyd
since there are many different scripts in that zip, please post (here) the ones you wish to discuss so we don't have to load all the scripts on our machines..

remember to use code tags where appropriate when posting code

Posted: Sat Aug 13, 2005 5:09 pm
by cheerio
ok never mind sorry...ok there's the real part i need help on,
index.php - want to make it load much faster, and i think some of the code i used here is a bit outdated would like it if someone could help me make everything like PHP5 you know
also where there is the $names array, i found this working just fine for me, but want to know other ways to do it

Code:

<?php
//Part of the script to get the page loading time
 $m_time = explode(" ",microtime());
 $m_time = $m_time[0] + $m_time[1];
 $starttime = $m_time;
//Gets the viewer's IP
 $ip = $_SERVER["REMOTE_ADDR"];
//Stores peoples' screen names and their names
$names = array(
'screenname' => 'persons real name',
'screenname2' => 'another name',
);
//if the persons screen name is not in the array above,
if(!isset($names[$sn])) {
//store in the array the persons screen name, but instead of their name just use their screen name
$names = array(
"$sn" => "$sn",
);
//otherwise
} else {
//echo hi [the person's name] ...
echo "hi, $names[$sn], this is my profile";
//changes font color to red, and says the person's name
echo "<font color=\"red\"><br>$names[$sn] ";
//file containing random quotes
$textfile = "required/1.txt";
//turns off error reporting for file($textfile)
if ($quotes = @file("$textfile")) {
//uses the rand(); function to get a random quote (valid indexes are 0 to count - 1)
   $quote = rand(0, sizeof($quotes) - 1);
//echos the random quote (it is in an array which is why we use $quotes[$quote])
 echo $quotes[$quote];
//if it can't get the random quote,
}else{
//echo the default quote which is "is cool"
   echo ("is cool");          //if quotes file wasn't found, echo out a default quote
}
}
// The number of decimal places to round the micro time to.
 $round = 5;
// some more stuff about getting the page load time
 $m_time = explode(" ",microtime());
 $m_time = $m_time[0] + $m_time[1];
 $endtime = $m_time;
//gets total time by finding the difference of endtime and starttime
 $totaltime = ($endtime - $starttime);
//changes font attributes
echo "<font color=\"white\" size=\"1\" face=\"verdana\">";
//echos it took about [rounds it] .***** seconds to load this page
echo "<br>->it took about **". round($totaltime,$round) ." seconds** to load this page";
//ends the font attributes
echo "</font>";
//sets the date() functions to $date
$date=date("M dS h:i A");
//sets the file to open (viewers.html)
$file="required/viewers.html";
//sets content to write to the file which is: persons screen name - their IP in a blue color - the date and time they check your profile
$content="$sn - <font color=\"blue\">$ip </font> - $date <br>\n";
//sets $fp to fopen() function
$fp = fopen($file,'a');
//if it fails execute $fp,
if(!$fp) {
//echos could not open file [filename]
echo "could not open file,  $file";
//otherwise
} else {
//remove slashes php automatically puts in
$content=stripslashes($content);
//write to $fp, $content
fwrite($fp,$content);
//sets font attributes
echo "<font color=\"white\" size=\"1\" face=\"verdana\">";
//echos you have been added to my kill list (just a joke)
echo "<br>->well, $sn, you have been added to my personal kill list";
//closes the file (the handle $fp, not the file name)
fclose($fp);
//closes the if/else functions
}
//echos Links: [line break]
echo "<br>Links:<br>";
//includes links.php using include_once
include_once("links.php");
//echos the font attributes, made by me
echo "</font><u><font color=\"darkblue\" size=\"1\" face=\"verdana\"><br>profile made by me, dharik patel<br></b>";
//adds a link to admin panel
echo "<a href=\"http://kirbyskrib.gotdns.com:82/profile/login.php\">Admin Panel</a></font>";
//ends the php script
?>
login.php...security probably sucks for this...need help getting rid of the security holes please:

Code:

<?php
//starts a session (has to happen before any output is sent)
session_start();
//require style.css
require_once "required/style.css";
//sets username (change this!!)
$user = "USER";
//sets password (change this!!)
$pass = "PASSWORD";
//if the user clicks submit
if (isset($_POST['submit']))
{
//if the user name they entered matches the one you set, and if the password matches the one you set,
	if($_POST['username']==$user && $_POST['password']==$pass)
	{
//echos user and pass accepted [line break]
		echo "user and pass accepted<br>";
//sets session[logged in] to true
		$_SESSION['Logged_In'] = "True";
//sets the session[username] to the username the person entered
		$_SESSION['Username'] = $_POST['username'];
//otherwise
	} else
	{
//echo bad username/password
	echo "bad username/password";
	}
}
//if session[logged in] is false (! kind of means false),
if (empty($_SESSION['Logged_In'])) {
//closes the php part, while it shows the form
?>
<fieldset ><legend>Administrator Login Script: by cheerio0s[<a title="Click here for info" ONCLICK="window.open('help.php?act=about', 'about', 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=yes,width=500,height=300')">about</a>]</legend>
<form action="<?php print $_SERVER['PHP_SELF'] ?>" method="post">
<table>
<tr>
<td>Username:</td>
<td><input type=text name="username" value=""></td>
</tr>
<tr>
<td>
Password:
</td>
<td><input type=password name="password" value="" ></td>
</tr>
<tr>
<td width="50">
&nbsp;
</td>
<td>
<input type=submit name="submit" value="Login">
[<a title="Click here for login help" ONCLICK="window.open('help.php?act=loginhelp', 'about', 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=yes,width=500,height=300')">help</a>]
</td>
</table>
</form>
</fieldset>
<?php
//if the session[logged in] is true,
}
if(!empty($_SESSION['Logged_In'])) {
//close php part again, shows a form showing what file you want to edit and stuff
?>
<form action="check.php" method="post">
<table width="100%">
<tr>
<td width="10">
<input type=radio name="1"><br>
</td>
<td width="50">
required/viewers.html
</td>
<td>
click <a href="required/viewers.html">here</a> to see current contents without editing
</tr>
<tr>
<td width="10">
<input type=radio name="2"><br>
</td>
<td width="50">
required/1.txt
</td>
<td>
click <a href="required/1.txt">here</a> to see current contents without editing
</tr>
<tr>
<td width="10">
<input type=radio name="3"><br>
</td>
<td width="50">
links.php
</td>
<td>
click <a href="links.php">here</a> to see current contents without editing
</tr>
<tr>
<td width="10">
<input type=radio name="4"><br>
</td>
<td width="50">
image.php
</td>
<td>
click <a href="image.php?text1=you">here</a> to see current contents without editing
</tr>
<tr>
<td width="10">
<input type=radio name="5"><br>
</td>
<td width="50">
count.php
</td>
<td>
click <a href="required/clicks.txt">here</a> to see amount of clicks of <font color=red>[image.php]</font>
</tr>
<tr>
<td width="10">
<input type=radio name="6"><br>
</td>
<td width="50">
required/style.css
</td>
<td>
click <a href="required/style.css">here</a> to see current contents without editing
</tr>
</table>
<input type=submit name="choosefile" value="go and edit">
<a href="?cmd=logout">Logout</a>[<a title="If you selected more than one radio button...click here for help" ONCLICK="window.open('help.php?act=choosefilehelp', 'about', 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=yes,width=500,height=300')">help</a>]
</form>
<?php
}
//uses if to see if: $_GET['cmd'] (basically gets the variable $cmd from the address) is set and equal to logout,
if(isset($_GET['cmd']) && $_GET['cmd']=="logout") {
//then unset the session logged in, basically logging the user out
unset($_SESSION['Logged_In']);
//echos logged out. click here to refresh.
echo "logged out. click <a href=\"login.php\">here</a> to go refresh";
}

?>
NOTE that i removed user name and password :)
sorry for including all of the comments that explain the code
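
An added example, not part of the original thread or cheerio's script: one way to harden the login.php check posted above, with the password stored as a hash, the session id regenerated on login, and logout handled before any form is chosen. `handle_request()`, `credentials_ok()` and the demo account values are hypothetical names and constructed data.

```php
<?php
declare(strict_types=1);

// Constructed placeholder account. In a real deployment, paste a hash that was
// generated once with password_hash(); it is computed here only so the demo runs.
const ADMIN_USER = 'admin';
define('ADMIN_HASH', password_hash('constructed-demo-password', PASSWORD_DEFAULT));

// password_verify() runs even when the username is wrong, so both failure
// paths take about the same time.
function credentials_ok(string $user, string $pass): bool
{
    $userOk = hash_equals(ADMIN_USER, $user);
    $passOk = password_verify($pass, ADMIN_HASH);
    return $userOk && $passOk;
}

// Decides what one request should show; $session stands in for $_SESSION.
function handle_request(array $post, array $get, array &$session): string
{
    if (($get['cmd'] ?? '') === 'logout') {      // handled before any form is chosen
        $session = [];
        return 'logged out';
    }
    if (isset($post['submit'])) {
        $user = is_string($post['username'] ?? null) ? $post['username'] : '';
        $pass = is_string($post['password'] ?? null) ? $post['password'] : '';
        if (!credentials_ok($user, $pass)) {
            return 'bad username/password';
        }
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);         // fresh session id after login
        }
        $session['Logged_In'] = true;            // boolean, not the string "True"
        $session['Username']  = $user;           // taken from $_POST, not a global
    }
    return empty($session['Logged_In'])
        ? 'login form'
        : 'file list for ' . htmlspecialchars($session['Username'], ENT_QUOTES, 'UTF-8');
}

// Constructed requests, run from the command line.
$s = [];
echo handle_request(['submit' => 'Login', 'username' => 'admin', 'password' => 'nope'], [], $s), "\n";
echo handle_request(['submit' => 'Login', 'username' => 'admin', 'password' => 'constructed-demo-password'], [], $s), "\n";
echo handle_request([], ['cmd' => 'logout'], $s), "\n";
```

In the real page, call `session_start()` first and pass `$_POST`, `$_GET` and `$_SESSION`. check.php, which receives the file-edit form, has to repeat the `Logged_In` check itself, because index.php includes links.php and that file is on the editable list.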
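
An added example, not part of the original thread or cheerio's script: index.php writes `$sn` straight into required/viewers.html and echoes it into the profile page, so this sketch validates the screen name, escapes every value on output and appends under a lock. The `sn` request parameter, the allowed character set and the function names are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed rule: letters, digits and spaces, 3 to 16 characters.
// Anything else (markup, arrays, empty input) is rejected.
function clean_screen_name($raw): ?string
{
    if (!is_string($raw)) {
        return null;
    }
    $sn = trim($raw);
    return preg_match('/^[A-Za-z0-9 ]{3,16}$/', $sn) === 1 ? $sn : null;
}

// Escapes a value for HTML output.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Known visitors get their real name, everyone else their screen name.
function display_name(array $names, string $sn): string
{
    return $names[$sn] ?? $sn;
}

// Builds one viewers.html line in the post's format, with every value escaped.
function viewer_line(string $sn, string $ip, string $date): string
{
    return sprintf("%s - <font color=\"blue\">%s </font> - %s <br>\n", h($sn), h($ip), h($date));
}

// Appends under an exclusive lock so simultaneous views cannot interleave.
function log_viewer(string $file, string $line): bool
{
    return file_put_contents($file, $line, FILE_APPEND | LOCK_EX) !== false;
}

// Constructed inputs standing in for $_GET['sn'] (parameter name is an assumption).
$names = ['screenname' => 'persons real name'];
$log   = sys_get_temp_dir() . '/viewers-demo.html';   // demo path, not required/viewers.html
foreach (['screenname', 'screenname2', '<b>name</b>', ['x']] as $raw) {
    $sn = clean_screen_name($raw);
    if ($sn === null) {
        echo "rejected\n";
        continue;
    }
    log_viewer($log, viewer_line($sn, '192.0.2.10', date('M dS h:i A')));
    echo 'hi, ', h(display_name($names, $sn)), ", this is my profile\n";
}
```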

Posted: Sat Aug 13, 2005 5:28 pm
by Roja
cheerio wrote: please do not copy, thanks
You post your code on a public forum, asking for help to improve it, but don't want others to use it? Seems selfish.

Posted: Sat Aug 13, 2005 5:30 pm
by cheerio
well i mean...never mind i'll get rid of it..sorry