Is my session script secure? I'm a newbie
Posted: Tue Nov 09, 2010 11:04 pm
Hey guys, I was wondering, since I'm new at PHP, if this is very secure for checking sessions and re-creating the key so they can't be stolen. Please point out all flaws and security holes, as I'm new and need to learn lol :] BTW, this is just part of my script for a user system. Also, it does have some weird bugs.
So yeah, it's just part of the full script, but is this secure at all? I don't know, as I'm new to PHP :]. Haha, I think I got carried away with md5.
Anyways here it is:
Code:
if (isset($_SESSION['tokenSID'])) {
    require("/home/a9199485/inc/db_connect.php");
    // GRAB the unique key from the DB and put it into the SID string.
    // The username is escaped before it is placed in the query.
    $userNUM = mysql_real_escape_string($_SESSION['correctuser']);
    $checkNUMq = mysql_query("SELECT sessionID FROM users WHERE username='$userNUM' LIMIT 1");
    $checkNUM = mysql_fetch_array($checkNUMq);
    $checkNUM = $checkNUM['sessionID'];
    // SID string: hashed user agent + two fixed strings + the per-user key, hashed again.
    $checkSID = md5($_SERVER['HTTP_USER_AGENT']);
    $checkSID .= md5('sillystringtotheright');
    $checkSID .= $checkNUM;
    $checkSID .= sha1('deathtotheleftonthehill');
    $checkSID = md5($checkSID);
    // SEE if it matches the already stored session. If it has been stolen then let's hope it has expired haha.
    if ($_SESSION['tokenSID'] === $checkSID) {
        unset($_SESSION['tokenSID']);
        $logname = $userNUM;
        $member = $logname;
        // RaNdOmIzE the unique key and send it to the database.
        $NUM = sha1(microtime());
        $NUM .= md5(rand(1000000, 9999999));
        $NUM .= sha1($_SERVER['HTTP_USER_AGENT']);
        $regenerateNUM = md5(uniqid($NUM));
        $regenerateQUE = mysql_query("UPDATE users SET sessionID='$regenerateNUM' WHERE username='$logname' LIMIT 1");
        // Regenerate the SID string from the new key and store it in the session.
        $regenerateSID = md5($_SERVER['HTTP_USER_AGENT']);
        $regenerateSID .= md5('sillystringtotheright');
        $regenerateSID .= $regenerateNUM;
        $regenerateSID .= sha1('deathtotheleftonthehill');
        $regenerateSID = md5($regenerateSID);
        $_SESSION['tokenSID'] = $regenerateSID;
    }
}
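A hardened version of the same check-and-rotate flow, added here as an example and not part of the original post or the poster's script. It assumes PHP 7 or later, a PDO connection with placeholder credentials, and a `users` table with `username` and `session_token` columns (all assumptions); it swaps the md5/rand token for `random_bytes`, uses a prepared statement and `hash_equals`, adds an idle timeout, and rotates the PHP session id on each successful check.

```php
<?php
// Added example (not the original poster's code). Assumes PHP >= 7, a `users`
// table with `username` and `session_token` columns, and placeholder PDO
// credentials; the table, columns and credentials are assumptions.
declare(strict_types=1);

const SESSION_LIFETIME = 1800; // seconds of inactivity before the session is dropped

function makeToken(): string {
    // 32 bytes from the CSPRNG, hex-encoded. Unlike md5(microtime()) or rand(),
    // this cannot be narrowed down by guessing the clock or the PRNG state.
    return bin2hex(random_bytes(32));
}

function verifyAndRotate(PDO $pdo): ?string {
    if (empty($_SESSION['user']) || empty($_SESSION['token'])) {
        return null;
    }
    // Idle timeout: a copied session is only useful until it expires.
    if (time() - ($_SESSION['last_seen'] ?? 0) > SESSION_LIFETIME) {
        session_unset(); session_destroy();
        return null;
    }
    $user = $_SESSION['user'];

    // Prepared statement: the username never reaches the SQL parser as code.
    $stmt = $pdo->prepare('SELECT session_token FROM users WHERE username = ? LIMIT 1');
    $stmt->execute([$user]);
    $stored = $stmt->fetchColumn();

    // Constant-time comparison, so a mismatch cannot be timed byte by byte.
    if (!is_string($stored) || !hash_equals($stored, $_SESSION['token'])) {
        session_unset(); session_destroy();
        return null;
    }

    // Rotate both the server-side token and the PHP session id (defeats fixation).
    $new = makeToken();
    $upd = $pdo->prepare('UPDATE users SET session_token = ? WHERE username = ? LIMIT 1');
    $upd->execute([$new, $user]);
    session_regenerate_id(true);
    $_SESSION['token'] = $new;
    $_SESSION['last_seen'] = time();
    return $user;
}

ini_set('session.cookie_httponly', '1'); // session cookie not readable by page scripts
session_start();
$pdo = new PDO('mysql:host=localhost;dbname=app', 'user', 'pass'); // placeholder DSN/credentials
$member = verifyAndRotate($pdo); // null means "not logged in"
```

The user-agent string is deliberately left out of the token: it adds nothing an attacker who already holds the cookie cannot also copy, and it breaks sessions when a browser updates.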