PHP Secure Login Failing

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Deemar
Forum Newbie
Posts: 1
Joined: Mon Jul 27, 2009 11:36 pm

PHP Secure Login Failing

Post by Deemar »

I'm working on a members' login script but cannot seem to figure this out. The site currently has a bunch of HTML pages with this at the top:
<?php
require('../admin/includes/config/config.inc.php');
require('../admin/includes/classes/Database.class.php');
require('../admin/includes/func.php');
session_start();
/***************************************************
LOGIN CHECK
***************************************************/
if (isset($_SESSION['auth'])) {
    $db3 = new Database($config['server'], $config['user'], $config['pass'], $config['database']);
    $db3->connect();
    $sql3 = "SELECT * FROM member WHERE auth='" . $_SESSION['auth'] . "'";
    $row3 = $db3->query($sql3);
    if ($db3->affected_rows != 1) {
        header("Location: index.php?error=noacccess");
    }
    $db3->close();
} else {
    header("Location: index.php?error=noauth");
}
?>
So I'm writing a PHP script on a login page to take advantage of this. My login page has a simple table:
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
And another checklogin.php page:
<?php
ob_start();
$host = "localhost"; // Host name
$username = "*********"; // Mysql username
$password = "*********"; // Mysql password
$db_name = "*********"; // Database name
$tbl_name = "********"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name") or die("cannot select DB");

// Define $myusername and $mypassword
$myusername = $_POST['myusername'];
$mypassword = $_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql = "SELECT * FROM $tbl_name WHERE email='$myusername' and rawpass='$mypassword'";
$result = mysql_query($sql);

// Mysql_num_row is counting table row
$count = mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if ($count == 1) {
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    session_register("auth");
    header("location:index.html");
} else {
    echo "Wrong Username or Password";
}

ob_end_flush();
?>
Now, it functionally works; I just edited out the database information. It does the check and then redirects to index.html, but then redirects to index.php?=noauth every time. I can't figure it out; it's looking for the "auth" variable to be assigned in the session, which it is. What am I missing? Here are my database columns:
id
firstname
lastname
password
rawpass
email
subscription
phone
access
auth
ip
The username for my user is "myusername" and the password is "mypassword".
spider.nick
Forum Commoner
Posts: 72
Joined: Wed Jul 15, 2009 12:22 pm
Location: Overland Park, KS

Re: PHP Secure Login Failing

Post by spider.nick »

Not sure, but I think I remember having this issue before. If you set $_SESSION information within https://, you cannot access it from http://, unless you store your session data in a DB.

Nick
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: PHP Secure Login Failing

Post by Mordred »

exit() after every header('Location: ...'); otherwise the script keeps going.
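A hardened version of the login handler together with the guard for protected pages, as an added example that is not code from this thread. It assumes a `member` table whose `password` column holds a password_hash() value instead of the cleartext `rawpass` column above, uses placeholder database credentials, and names the guard helper `require_login()`.

```php
<?php
// Added example, not code from this thread: hardened login handler plus the
// guard for protected pages. Assumes a `member` table whose `password` column
// holds a password_hash() value (not the cleartext `rawpass` column above);
// the DSN and credentials are placeholders.
declare(strict_types=1);
session_start();

// Guard for the top of every protected page (each page calls session_start()).
function require_login(): void
{
    if (empty($_SESSION['auth'])) {
        header('Location: index.php?error=noauth');
        exit; // stop here, or the protected content below is still sent
    }
}

$pdo = new PDO(
    'mysql:host=localhost;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4',
    'DB_USER_PLACEHOLDER',
    'DB_PASS_PLACEHOLDER',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]
);

$email    = (string) ($_POST['myusername'] ?? '');
$password = (string) ($_POST['mypassword'] ?? '');

// Prepared statement: the submitted e-mail never becomes part of the SQL text.
$stmt = $pdo->prepare('SELECT id, password FROM member WHERE email = ? LIMIT 1');
$stmt->execute([$email]);
$member = $stmt->fetch(PDO::FETCH_ASSOC);

// One generic message for both "no such account" and "wrong password".
if ($member === false || !password_verify($password, $member['password'])) {
    http_response_code(401);
    echo 'Wrong Username or Password';
    exit;
}

// Rotate the session id on privilege change (blocks session fixation) and set
// the auth marker explicitly: the script above calls session_register("auth")
// without ever assigning $auth, so no usable value reaches $_SESSION['auth'].
session_regenerate_id(true);
$_SESSION['auth'] = (int) $member['id'];

header('Location: index.php');
exit; // the Location header alone does not end the script
```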