Basic secure php login without cookies
Posted: Thu Mar 22, 2007 1:51 pm
Hi,
This is my first post, and I'm a php noob, so please forgive my undoubted incompetence
I'm trying to write a basic secure php login script using session variables only, it's only required for customers to log in to our site and download the full version of our game once purchased, and I don't mind making them login every time so decided against using cookies. I realise I'm not using encryption for the user passwords yet but obviously will do, with salt. Basically I'm trying to put in checks for user_agent and user_ip every page to ensure session hijacking alone is not enough..
If anyone could take the time to look over the code below and give me any comments or tips I would appreciate it.
process.php:
Main page, which runs process.php on login:
I will also do similar checks to the main page on other pages, and it all seems to work but I'm sure there's got to be something wrong with it!!
Thanks in advance,
Brendan
This is my first post, and I'm a php noob, so please forgive my undoubted incompetence
I'm trying to write a basic secure php login script using session variables only, it's only required for customers to log in to our site and download the full version of our game once purchased, and I don't mind making them login every time so decided against using cookies. I realise I'm not using encryption for the user passwords yet but obviously will do, with salt. Basically I'm trying to put in checks for user_agent and user_ip every page to ensure session hijacking alone is not enough..
If anyone could take the time to look over the code below and give me any comments or tips I would appreciate it.
process.php:
Code: Select all
<?php
$username=$_POST['user'];
$password=$_POST['pass'];
$browser=$_SERVER['HTTP_USER_AGENT'];
$ip=$_SERVER['REMOTE_ADDR'];
$link=mysql_connect("127.0.0.1", $username, $password) or die(mysql_error());
mysql_select_db("main", $link);
$query1=mysql_query("SELECT username, password FROM login WHERE username = '$username' AND password = '$password'")or die(mysql_error());
$query2=mysql_query("UPDATE login SET user_agent = '$browser' WHERE username = '$username' AND password = '$password'")or die(mysql_error());;
$query3=mysql_query("UPDATE login SET user_ip = '$ip' WHERE username = '$username' AND password = '$password'")or die(mysql_error());;
$result=mysql_num_rows($query1);
if ($result != 0) {
session_start();
$_SESSION ["logged_in"] = TRUE;
$_SESSION ["check_pw"] = "secret";
}
else {}
require('home_test.php');
?>Code: Select all
<?php
session_start();
if (isset($_SESSION['logged_in']) == TRUE) {
$browser=$_SERVER['HTTP_USER_AGENT'];
$ip=$_SERVER['REMOTE_ADDR'];
$linkpw=$_SESSION["check_pw"];
$link=mysql_connect("127.0.0.1", "check", $linkpw) or die(mysql_error());
mysql_select_db("main", $link);
$query=mysql_query("SELECT user_agent, user_ip FROM login WHERE user_agent = '$browser' AND user_ip = '$ip'")or die(mysql_error());
$result=mysql_num_rows($query);
if ($result != 0) require('welcome.php');
}
else {
require('login.php');
session_destroy();
}
?>Thanks in advance,
Brendan