Is there a more secure way of sending information from a form? And, is encrypting with crypt() and using the previously encrypted password as the salt sufficient?
Note: rmv_sp_chars remove all of the following from both the password and name, and additionally I remove all spaces from the password
Code: Select all
`~!@#$%^&*()_-+=|\"':;?/>.<,Code: Select all
<html>
<head></head>
<body>
<div align="center">
<?php
session_start();
if ($_SESSION['auth'] == 1) {
// check if authentication was performed
echo 'You Are Already Logged In!';
}
else {
if (isset($_POST['name']) || isset($_POST['pass'])) {
// form submitted
// check for required values
if (empty($_POST['name'])) {
die ("ERROR: Please Enter Username!");
}
if (empty($_POST['pass'])) {
die ("ERROR: Please Enter Password!");
}
define('IN_SCRIPT',1);
require_once('db_settings.inc.php');
require_once('settings.inc.php');
require_once('input.inc.php');
$name = sanitize($_POST['name'], true);
$pass = sanitize($_POST['pass']));
$query = "SELECT * FROM users WHERE user = '" . $name . "'";
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
if (mysql_num_rows($result) < 1) {
die('ERROR: Incorrect Username!');
}
else {
$row = mysql_fetch_row($result);
$salt = $row[1];
}
// create query
$query = "SELECT * FROM users WHERE user = '" . $name . "' AND pass = '".crypt($pass, $salt)."'";
// execute query
$result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
// see if any rows were returned
if (mysql_num_rows($result) == 1) {
// if a row was returned
// authentication was successful
// create session and set cookie with username
$_SESSION['auth'] = 1;
setcookie("username", $name, time()+(84600*30));
echo "Access Granted!";
}
else {
// no result
// authentication failed
echo "ERROR: Incorrect Password!";
}
// free result set memory
mysql_free_result($result);
// close connection
mysql_close($connection);
}
else {
// no submission
// display login form
?>
<html>
<head></head>
<body>
<center>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
Username: <input type="text" name="name" value="<?php echo $_COOKIE['username']; ?>">
<p />
Password: <input type="password" name="pass">
<p />
<input type="submit" name="submit" value="Log In">
</center>
</body>
</html>
<?php
}
}
?>
</body>
</html>