Login pages... (quickie)
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
Call it without any parameters.
Edit: sorry no, completely wrong there.
Last edited by Ollie Saunders on Mon Jan 15, 2007 8:40 pm, edited 1 time in total.
-
Mightywayne
- Forum Contributor
- Posts: 237
- Joined: Sat Dec 09, 2006 6:46 am
Okay, I checked it with this code
Code: Select all
if($result==false)
{
    printf("False result.");
}
And it appears it IS false.
However. I have absolutely no idea why it's false, or how it became false. I think it may have something to do with the query being username AND password, but then $count would be messed up if I broke them apart into separate queries... =/
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
A false return value denotes an error happened. I would imagine it's using "password," but you can check it with mysql_error().
Mightywayne, if I look at the code, it still is vulnerable to sql injection. Meaning that even if you get it to work, any hacker can hack your script, without having a valid username/password. If I enter a single quote as my username:
Code: Select all
<?php
$username = $_POST['username']; // '
$password = $_POST['password'];
$sql = "SELECT * FROM user WHERE username='$username' and password='$password'";
// $sql = "SELECT * FROM user WHERE username = '''
// etc
?>
-
Mightywayne
- Forum Contributor
- Posts: 237
- Joined: Sat Dec 09, 2006 6:46 am
-
Mightywayne
- Forum Contributor
- Posts: 237
- Joined: Sat Dec 09, 2006 6:46 am
Okay this is making absolutely NO sense at all. I did the SAME process from my "verification" one that I made, which turned out perfect, and for absolutely NO reason at all, the values are false. It's connecting properly, and I changed from the "AND password" thing, to
Code: Select all
$sql1 = "SELECT * FROM user WHERE username='$username'";
$result1 = mysql_query($sql1);
$sql2 = "SELECT * FROM user WHERE password='$password'";
$result2 = mysql_query($sql2);
Is there a tutorial any of you can suggest? Because obviously this tutorial from 2002 is messed up for some reason. Is there a different way to do it than using headers()? It doesn't seem like it should be hard, but I hate when coding does this; things that should work normally randomly don't.
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
What does mysql_error() tell you?
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
-
Mightywayne
- Forum Contributor
- Posts: 237
- Joined: Sat Dec 09, 2006 6:46 am
Edited out in case some folks try to hax0r me. Seriously. o_O;;
Last edited by Mightywayne on Fri Apr 06, 2007 2:19 pm, edited 2 times in total.
- Ollie Saunders
- DevNet Master
- Posts: 3179
- Joined: Tue May 24, 2005 6:01 pm
- Location: UK
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
I see a lot of code like that posted. It is pretty difficult to debug. I think, at least, some basic Structured Programming would be helpful. At a minimum a PHP database script ought to look something like this:
Code: Select all
<?php
// initialize variables
$errmsg = '';
$row = array();
// Connect to server
$con = mysql_connect("localhost","burnttoa_umonbre","don't_post_passwords");
if (mysql_errno()) {
    $errmsg = 'Could not connect:' . mysql_error();
} else {
    // Select database.
    mysql_select_db("burnttoa_monbre");
    if (mysql_errno()) {
        $errmsg = 'Could not select:' . mysql_error();
    } else {
        // Setup and do query
        // filter untrusted post variable
        $username = preg_replace('/[^a-zA-Z0-9]/', '', $_POST['username']);
        // escape the filtered value (not the raw post variable again)
        $username = mysql_real_escape_string($username);
        $sql1 = "SELECT * FROM user WHERE username='$username'";
        $result1 = mysql_query($sql1);
        if (mysql_errno()) {
            $errmsg = 'Query failed:' . mysql_error();
        } else {
            // fetch from the result of the query above
            $row = mysql_fetch_assoc($result1);
        }
    }
}
// now the response
if ($errmsg) {
    // error goes here
    echo "Error: $errmsg<br/>";
} else {
    // success goes here
    dump($row);
}
// handy for debugging
function dump($value) {
    echo '<pre>' . print_r($value, 1) . '</pre>';
}
No die(), clear logic, thorough error checking, separation of connection and response (reporting an error is also a response), and basic security ...
(#10850)
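Added example, not code from any poster in this thread: the single-quote username from the injection post earlier in the thread, run against the concatenated query and against a PDO prepared statement, which is the usual alternative to the filter-and-escape approach in the post above. It assumes PHP with the pdo_sqlite extension; the in-memory table, the `password_hash` column and the function names are constructed for illustration.

```php
<?php
// Constructed in-memory table standing in for the thread's `user` table (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE user (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

// Store a password hash, never the password itself (constructed sample account).
$add = $pdo->prepare('INSERT INTO user (username, password_hash) VALUES (?, ?)');
$add->execute(["o'brien", password_hash('correct horse', PASSWORD_DEFAULT)]);

// Concatenated query in the style posted in the thread:
// the input becomes part of the SQL text itself.
function lookup_concatenated(PDO $pdo, string $username): string
{
    try {
        $pdo->query("SELECT * FROM user WHERE username='$username'");
        return 'query ran';
    } catch (PDOException $e) {
        return 'query failed: ' . $e->getMessage();
    }
}

// Prepared statement: the SQL text is fixed and the input is bound as data only.
function check_login(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare('SELECT password_hash FROM user WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    // fetchColumn() returns false when no row matched.
    return is_string($hash) && password_verify($password, $hash);
}

// The thread's single-quote input changes the structure of the concatenated statement.
echo lookup_concatenated($pdo, "'"), "\n";

// The same input bound as a parameter is just an unknown username.
var_dump(check_login($pdo, "'", 'anything'));

// A legitimate name containing an apostrophe, with the right and the wrong password.
var_dump(check_login($pdo, "o'brien", 'correct horse'));
var_dump(check_login($pdo, "o'brien", 'wrong'));
```

The password is compared in PHP with `password_verify()` rather than in the `WHERE` clause, so the query only ever receives the username.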
- daedalus__
- DevNet Resident
- Posts: 1925
- Joined: Thu Feb 09, 2006 4:52 pm
+1 for snippets
-
Mightywayne
- Forum Contributor
- Posts: 237
- Joined: Sat Dec 09, 2006 6:46 am
Uhm okay. I think I'm going to switch to cookies now. Instead of sessions. How bad is that? I've heard of cookie manipulation, but my friend suggests cookies, and sessions are right now confusing me majorly.
Also, I'm not really getting mysql_error either. It just keeps giving me Warning: mysql_error(): supplied argument is not a valid MySQL-Link resource in /home/burnttoa/public_html/monbre/checklogin.php on line 22 which google is no help for.
My friend just gave me a good cookie script so I'll check that out, it seems pretty good, sans some functions I'll have to learn.
I hope the cookies aren't a security thing though... are they?
- aaronhall
- DevNet Resident
- Posts: 1040
- Joined: Tue Aug 13, 2002 5:10 pm
- Location: Back in Phoenix, missing the microbrews
First, you need to read how to use mysql_error()
Second, sessions use cookies, and the problem you are having now has nothing to do with either.