Safer User Login

Posted: Fri Jan 31, 2003 8:10 pm
by icesolid
I have created a simple user login. There is a form where the user enters their username and password, and then they click log in, and after that I have a SQL query seeing if the user exists and if the username and the password match up.

Now I am sure that this is just a makeshift way of doing it, and I also know that there must be some type of encryption that can be used.

I have heard people talk about the following things for form input:

html_special_chars
MD5
SSL
_POST
_GET

And I am wondering what can be done to make this more secure.

Posted: Fri Jan 31, 2003 8:23 pm
by daven
$_POST and $_GET are ways to get form variables (from <form method="post"> and <form method="get"> respectively).

MD5 creates a hash. I personally MD5 passwords, so that users cannot accuse my company of stealing their passwords. Note: MD5 is NOT encryption. Encrypting something means you can decrypt it later. There is no way to reverse a hash. All you can do is compare things that have been hashed (the same string will give the same hash every time).

SSL (secure socket layer) is the standard for securing websites. It requires having SSL installed (I use OpenSSL), purchasing an SSL certificate, and then using https:// to access your pages. SSL encrypts data so that it cannot be read as plain-text when being sent between computers. Newer versions of PHP have a nifty library for OpenSSL functionality.

html_special_chars merely replaces things like an ampersand (&) or less-than sign (<) with the relevant HTML code (&amp;) (&lt;) so that it shows up in browsers correctly.

Thanks but...

Posted: Fri Jan 31, 2003 8:26 pm
by icesolid
Now that the terms have been broken down for me, I still need some suggestions on how to make the script more secure.

The script is not secure the way it is set up right now. Please show me some code on how to use the MD5. Thanks!

Here is how my log in code looks now:

<?php
if($_POST["submit"]) {
$link = mysql_connect("localhost", "username", "xxxx") or die("Could not connect!");
mysql_select_db("users") or die("Could not select database!");

$username = strip_tags($_POST["username"]);
$password = strip_tags($_POST["password"]);

$sql = "SELECT username, password FROM general_access WHERE username='$username' && password='$password'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

	if(!$username) {
	echo "No username entered.\n";
	} elseif(!$password) {
	echo "No password entered.\n";
	} elseif(!$username == $row["username"] && !$password == $row["password"]) {
	echo "Incorrect username or password.\n";
	} elseif($username == $row["username"] && $password == $row["password"]) {
	echo "Log in complete.\n";
	}

mysql_free_result($result);
mysql_close($link);
} else {
?>
<b>Please enter your user login information:</b>
<br><br>
<form method=post action="index.php">
Username: <input type=text name="username"><br>
Password: <input type=password name="password">
<br><br>
<input type=submit name="submit" value="Log In"> <input type=reset value="Reset">
</form>
<?php
}
?>

Posted: Fri Jan 31, 2003 11:06 pm
by evilcoder
OK:

<?php 
if($_POST["submit"]) { 
$link = mysql_connect("localhost", "username", "xxxx") or die("Could not connect!"); 
mysql_select_db("users") or die("Could not select database!"); 

$username = strip_tags($_POST["username"]); 
$password = strip_tags($_POST["password"]);

// Create MD5 hash of the submitted password
$md5pass = md5( $password );

// Escape the username so quotes in it cannot change the query
$safe_username = mysql_real_escape_string($username, $link);

$sql = "SELECT username, password FROM general_access WHERE username='$safe_username' && password='$md5pass'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

   if(!$username) {
   echo "No username entered.\n";
   } elseif(!$password) {
   echo "No password entered.\n";
   } elseif(!$row) {
   // No row matched this username and password hash
   echo "Incorrect username or password.\n";
   } elseif($username == $row["username"] && $md5pass == $row["password"]) {
   // The database holds the hash, so compare against $md5pass, not the plain password
   echo "Log in complete.\n";
   }

mysql_free_result($result); 
mysql_close($link); 
} else { 
?> 
<b>Please enter your user login information:</b>
<br><br> 
<form method=post action="index.php"> 
Username: <input type=text name="username"><br> 
Password: <input type=password name="password"> 
<br><br> 
<input type=submit name="submit" value="Log In"> <input type=reset value="Reset"> 
</form> 
<?php 
} 
?>
However, in order to use that new script revision, you will have to change the password in your database with an MD5 hash, so that it can be recognised. At the moment if you use that script it will try and find the username with a password that will be about 20 characters long, which is the length of an MD5 hash.
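
Added example (not part of evilcoder's post or any code from this thread): the same login check written with a parameterized query and PHP's password_hash()/password_verify() in place of a bare md5(), so the stored value is salted and the username never becomes part of the SQL text. It assumes PHP 5.5+ with the PDO SQLite driver; the in-memory database, the helper function names and the sample account are constructed for illustration, while the general_access table and its columns follow the thread.

```php
<?php
// Added example, not code from the thread. Assumes PHP 5.5+ and the PDO SQLite driver.
// open_demo_db(), register_user() and check_login() are hypothetical helper names.

function open_demo_db() {
    // In-memory database so the example runs without a MySQL server
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE general_access (username TEXT PRIMARY KEY, password TEXT NOT NULL)');
    return $db;
}

function register_user(PDO $db, $username, $password) {
    // password_hash() generates a random salt and stores it inside the hash string
    $stmt = $db->prepare('INSERT INTO general_access (username, password) VALUES (?, ?)');
    $stmt->execute([$username, password_hash($password, PASSWORD_DEFAULT)]);
}

function check_login(PDO $db, $username, $password) {
    if ($username === '' || $password === '') {
        return false;
    }
    // Placeholder binding: the username is sent as data, never spliced into the SQL
    $stmt = $db->prepare('SELECT password FROM general_access WHERE username = ?');
    $stmt->execute([$username]);
    $stored = $stmt->fetchColumn();   // false when no such user exists
    // A salted hash cannot be matched with password='...' in SQL, so verify in PHP
    return $stored !== false && password_verify($password, $stored);
}

$db = open_demo_db();
register_user($db, 'alice', 'correct horse');   // constructed sample account

var_dump(check_login($db, 'alice', 'correct horse'));  // right password
var_dump(check_login($db, 'alice', 'wrong'));          // wrong password
var_dump(check_login($db, "o'brien", 'anything'));     // apostrophe stays plain data

// Compares two hashes of the same password; each call uses its own salt
var_dump(password_hash('x', PASSWORD_DEFAULT) === password_hash('x', PASSWORD_DEFAULT));
```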

Posted: Fri Jan 31, 2003 11:16 pm
by evilcoder
A feature I offer to people who join up using my auth gateway is they can choose whether to have their account accessible from only one IP address.

That creates a very secure login script.

Add a database field called : 'IP' as VARCHAR(15)

Now, you can either use username, password AND IP, or just username and IP.

Change the script to do this:

<?php
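$username = $_POST['username']; // or name of the form field
$IP_Address = $_SERVER['REMOTE_ADDR'];

// Escape the username so quotes in it cannot change the query
// (needs the mysql_connect() link from the login script to be open)
$safe_username = mysql_real_escape_string($username);

$sql = "SELECT * FROM general_access WHERE username='$safe_username' AND IP ='$IP_Address'";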
$result = mysql_query($sql);  
$row = mysql_fetch_array($result);  
?>
Of course that's not the full script, but 'tis a start.