Safer User Login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
icesolid
Forum Regular
Posts: 502
Joined: Mon May 06, 2002 9:36 pm
Location: Buffalo, NY

Safer User Login

Post by icesolid »

I have created a simple user login. There is a form that the user enters their username and password, and then they click log in, and after that I have a sql query seeing if the user exist and if the username and the password match up.

Now I am sure that this is just a makeshift way of doing it, and I also know that there must be some type of encryption that can be used.

I have heard people talk about the following things for form input:

html_special_chars
MD5
SSL
_POST
_GET

And I am wondering what can be done to make this more secure.
User avatar
daven
Forum Contributor
Posts: 332
Joined: Tue Dec 17, 2002 1:29 pm
Location: Gaithersburg, MD
Contact:

Post by daven »

$_POST and $_GET are ways to get form variables (from <form method="post"> and <form method="get"> respectively).

MD5 creates a hash. I personally MD5 passwords, so that users cannot accuse my company of stealing their passwords. Note: MD5 is NOT encryption. Encrypting something means you can decrypt it later. There is no way to reverse a hash. All you can do is compare things that have been hashed (the same string will give the same hash every time).

SSL (secure socket layer) is the standard for securing websites. It requires having SSL installed (I use OpenSSL), purchasing an SSL certificate, and then using https:// to access your pages. SSL encrypts data so that it cannot be read as plain-text when being sent between computers. Newer versions of PHP have a nifty library for OpenSSL functionality.

html_special_chars merely replaces things like an ampersand (&) or lesss than sign (<) with the relevant HTML code (&) (<) so that it shows up in browsers correctly.
icesolid
Forum Regular
Posts: 502
Joined: Mon May 06, 2002 9:36 pm
Location: Buffalo, NY

Thanks but...

Post by icesolid »

Now that the terms have been broken down to me. I still need some suggestions on how to make the script more secure.

The script is not secure the way it is setup right now. Please show me some code on how to use the MD5. Thanks!

Here is how my log in code looks now:

Code: Select all

<?php
if($_POST["submit"]) {
$link = mysql_connect("localhost", "username", "xxxx") or die("Could not connect!");
mysql_select_db("users") or die("Could not select database!");

$username = strip_tags($_POST["username"]);
$password = strip_tags($_POST["password"]);

$sql = "SELECT username, password FROM general_access WHERE username='$username' && password='$password'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

	if(!$username) {
	echo "No username entered.\n";
	} elseif(!$password) {
	echo "No password entered.\n";
	} elseif(!$username == $row["username"] && !$password == $row["password"]) {
	echo "Incorrect username or password.\n";
	} elseif($username == $row["username"] && $password == $row["password"]) {
	echo "Log in complete.\n";
	}

mysql_free_result($result);
mysql_close($link);
} else {
?>
<b>Please enter your user login informaton:</b>
<br><br>
<form method=post action="index.php">
Username: <input type=text name="username"><br>
Password: <input type=password name="password">
<br><br>
<input type=submit name="submit" value="Log In"> <input type=reset value="Reset">
</form>
<?php
}
?>
evilcoder
Forum Contributor
Posts: 345
Joined: Tue Dec 17, 2002 5:37 am
Location: Sydney, Australia

Post by evilcoder »

OK:

Code: Select all

<?php 
if($_POST["submit"]) { 
$link = mysql_connect("localhost", "username", "xxxx") or die("Could not connect!"); 
mysql_select_db("users") or die("Could not select database!"); 

$username = strip_tags($_POST["username"]); 
$password = strip_tags($_POST["password"]);

// Create MD5 Hash

$md5pass = md5( $password ); 

$sql = "SELECT username, password FROM general_access WHERE username='$username' && password='$md5pass'"; 
$result = mysql_query($sql); 
$row = mysql_fetch_array($result); 

   if(!$username) { 
   echo "No username entered.\n"; 
   } elseif(!$password) { 
   echo "No password entered.\n"; 
   } elseif(!$username == $row["username"] && !$password == $row["password"]) { 
   echo "Incorrect username or password.\n"; 
   } elseif($username == $row["username"] && $password == $row["password"]) { 
   echo "Log in complete.\n"; 
   } 

mysql_free_result($result); 
mysql_close($link); 
} else { 
?> 
<b>Please enter your user login informaton:</b> 
<br><br> 
<form method=post action="index.php"> 
Username: <input type=text name="username"><br> 
Password: <input type=password name="password"> 
<br><br> 
<input type=submit name="submit" value="Log In"> <input type=reset value="Reset"> 
</form> 
<?php 
} 
?>
However, in order to use that new script revision, you will have to change the password in your database with an MD5 hash, so that it can be recognised. At the moment if you use that script it will try and find the username with a password that will be able 20 characters long, which is the length of an MD5 hash.
evilcoder
Forum Contributor
Posts: 345
Joined: Tue Dec 17, 2002 5:37 am
Location: Sydney, Australia

Post by evilcoder »

A feature i offer to people who join up using my auth gateway is they can choose whether to have teir account accessible from only one IP address.

That creates a very secure login script.

Add a database field called : 'IP' as VARCHAR(15)

Now, you can either use username, password AND IP, or just username and IP.

Change the script to do this:

Code: Select all

<?php
$Username = $_POST['userame']; // or name of the form field
$IP_Address = $_SERVER['REMOTE_ADDR'];

$sql = "SELECT * FROM general_access WHERE username='$username' AND IP ='$IP_Address'";  
$result = mysql_query($sql);  
$row = mysql_fetch_array($result);  
?>
Of coarse thats not the full script, but tis a start.
Post Reply