We say NO to hackers.
Posted: Mon Mar 02, 2009 4:09 am
Hello PHP peeps,
I have been looking to ensure the PHP that I am coding is as secure as it can be (if that is possible). To ensure that this takes place I was wondering if you guys and gals would be so kind as to view my code and highlight any areas you feel need changes made. I cannot afford to be building PHP scripts that can be attacked by hackers. It is a real concern of mine. I have made a simple CMS that talks directly to a MySQL server database.
The first page I want to confirm is good is the login page for access to the CMS. I have stripped out the HTML to leave the PHP for easier reading.
The next page I want to have verified is the page that posts data to the MySQL database. It starts with a session check (with redirection to login if not valid) and then moves on to the data post.
Thank you for your time and help.
Yan
Code:
<?php
// Connect to database.
include 'library/configuration.php';
include 'library/opendatabase.php';
if (isset($_POST['Submit']) && $_POST['Submit'] == 'Login') {
    // Escape the email for use inside a quoted SQL string literal.
    $user_email = mysql_real_escape_string($_POST['email']);
    // MD5 hash (not encryption) of the submitted password, unsalted.
    $md5pass = md5($_POST['pwd']);
    // Pick up the user data to authenticate. Activated is conditional.
    $sql = "SELECT id, user_email FROM cms_users WHERE
            user_email = '$user_email' AND
            user_pwd = '$md5pass' AND user_activated = '1'";
    $result = mysql_query($sql) or die(mysql_error());
    $num = mysql_num_rows($result);
    if ($num != 0) {
        // A matching row was found - the user is authenticated.
        session_start();
        list($user_id, $user_email) = mysql_fetch_row($result);
        // This sets variables in the session.
        $_SESSION['user'] = $user_email;
        // Logged in: go back to the requested page, or to the account page.
        if (isset($_GET['ret']) && !empty($_GET['ret'])) {
            header("Location: $_GET[ret]");
        } else {
            header("Location: myaccount.php");
        }
        exit();
    }
    // If error, advise user.
    header("Location: login.php?msg=Your Password and/or Username are Invalid");
    // End
    exit();
}
?>
<!--Login Form-->
<form name="form1" method="post" action="login.php">
<table width="368" border="0" align="center" cellpadding="0" cellspacing="4">
<tr>
<td height="76" colspan="3" class="formfont"> </td>
</tr>
<tr>
<td width="73" class="formfont">Your Email:</td>
<td colspan="2"><input name="email" type="text" class="box" id="email" size="50" /></td>
</tr>
<tr>
<td class="formfont">Password:</td>
<td colspan="2"><input name="pwd" type="password" class="box" id="pwd" size="50" /></td>
</tr>
<tr>
<td colspan="3"><div align="center"><img src="images/bar_login.gif" width="328" height="2" alt="" /></div></td>
</tr>
<tr>
<td> </td>
<td width="49"><input class="red" type="submit" name="Submit" value="Login" /></td>
<td width="230"><input class="red" type="reset" name="Reset" value="Reset" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"><h6><?php if (isset($_GET['msg'])) { echo '<div class="msg"> ' . htmlspecialchars($_GET['msg'], ENT_QUOTES, 'UTF-8') . ' </div>'; } ?></h6></td>
</tr>
</table>
</form>
<!--Login Form End-->
Code:
<?php
session_start();
if (!isset($_SESSION['user'])) {
    header("Location: login.php");
    exit(); // header() alone does not stop the script; without this the rest of the page still runs.
}
?>
<?php
if (isset($_POST['save'])) {
    // Database connection. Opened first because mysql_real_escape_string() needs it.
    include 'library/configuration.php';
    include 'library/opendatabase.php';
    // Data to post. Undo magic quotes if they are on, then escape for the SQL string literals.
    $title   = $_POST['title'];
    $content = $_POST['content'];
    if (get_magic_quotes_gpc()) {
        $title   = stripslashes($title);
        $content = stripslashes($content);
    }
    $title   = mysql_real_escape_string($title);
    $content = mysql_real_escape_string($content);
    // Where to put the data when submitted.
    $query = "INSERT INTO data (title, content) VALUES ('$title', '$content')";
    mysql_query($query) or die('Error, query failed');
    include 'library/closedatabase.php';
    // Message to confirm the update has worked.
    $msg = "<b>Thank you</b> : Your data has been added.";
}
?>
Yan
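A hardened version of both pages, added here as an example; it is not part of Yan's post or CMS. It assumes PHP 7.1 or later with PDO, the poster's cms_users (id, user_email, user_pwd, user_activated) and data (title, content) tables, that user_pwd stores password_hash() output rather than an MD5 digest (existing MD5 rows would need a re-hash on the user's next successful login or a password reset), and hypothetical DB_DSN, DB_USER and DB_PASS constants standing in for library/configuration.php. It replaces the string-built SQL with prepared statements, the unsalted MD5 comparison with password_verify(), the unchecked $_GET['ret'] redirect with a same-site path check, adds the exit() that the session check needs, and requires a CSRF token before the INSERT.

```php
<?php
// Added example, not the poster's code. Assumes PHP >= 7.1 with PDO, the poster's
// cms_users(id, user_email, user_pwd, user_activated) and data(title, content) tables,
// and that user_pwd holds password_hash() output instead of an MD5 digest.

// Hypothetical connection settings standing in for library/configuration.php.
const DB_DSN  = 'mysql:host=localhost;dbname=cms;charset=utf8mb4';
const DB_USER = 'cms';
const DB_PASS = 'change-me';

function db(): PDO
{
    return new PDO(DB_DSN, DB_USER, DB_PASS, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // server-side prepares: data never enters SQL text
    ]);
}

// Escape at output time; the original echoes $_GET['msg'] straight into the page.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Accept only a local absolute path as the post-login target. Rejects "http://evil.example/",
// protocol-relative "//evil.example", "/\evil.example" and CR/LF, else falls back to the default.
function safeReturnPath(?string $ret, string $default = '/myaccount.php'): string
{
    return ($ret !== null && preg_match('#\A/(?![/\\\\])[^\r\n]*\z#', $ret)) ? $ret : $default;
}

// Look the user up by email only, then compare with password_verify(). A dummy hash is
// verified when the email is unknown so both outcomes take about the same time.
function login(string $email, string $password): bool
{
    static $dummyHash = null;
    $dummyHash = $dummyHash ?? password_hash('not-a-real-password', PASSWORD_DEFAULT);
    $stmt = db()->prepare(
        'SELECT id, user_email, user_pwd FROM cms_users WHERE user_email = ? AND user_activated = 1'
    );
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $ok  = password_verify($password, $row ? $row['user_pwd'] : $dummyHash);
    if (!$row || !$ok) {
        return false;
    }
    session_regenerate_id(true);               // fresh id on privilege change (session fixation)
    $_SESSION['user_id'] = (int) $row['id'];
    $_SESSION['user']    = $row['user_email'];
    $_SESSION['csrf']    = bin2hex(random_bytes(32));
    return true;
}

// Gate for protected pages. header() alone does not stop the script: without exit() the
// INSERT below would still run for an unauthenticated visitor.
function requireLogin(): void
{
    if (empty($_SESSION['user_id'])) {
        header('Location: /login.php');
        exit();
    }
}

function checkCsrf($token): bool
{
    return isset($_SESSION['csrf']) && is_string($token) && hash_equals($_SESSION['csrf'], $token);
}

function saveData(string $title, string $content): int
{
    $pdo  = db();
    $stmt = $pdo->prepare('INSERT INTO data (title, content) VALUES (?, ?)');
    $stmt->execute([$title, $content]);        // bound values, nothing to escape by hand
    return (int) $pdo->lastInsertId();
}

session_set_cookie_params(0, '/', '', !empty($_SERVER['HTTPS']), true); // Secure on TLS, HttpOnly
session_start();

if (($_POST['Submit'] ?? '') === 'Login') {    // login.php handler
    if (login((string) ($_POST['email'] ?? ''), (string) ($_POST['pwd'] ?? ''))) {
        header('Location: ' . safeReturnPath($_GET['ret'] ?? null));
    } else {
        header('Location: /login.php?msg=invalid'); // fixed token; the form renders it via h()
    }
    exit();
}

if (isset($_POST['save'])) {                   // save page handler
    requireLogin();
    if (!checkCsrf($_POST['csrf'] ?? null)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
    $id = saveData((string) ($_POST['title'] ?? ''), (string) ($_POST['content'] ?? ''));
    echo '<b>Thank you</b>: your data has been added as row ' . h((string) $id) . '.';
}
```

To use it, the save form carries the token as a hidden field, `<input type="hidden" name="csrf" value="<?php echo h($_SESSION['csrf']); ?>" />`, and the login form prints the message with `echo h($_GET['msg'])` rather than echoing it raw. New accounts are created with `password_hash($pwd, PASSWORD_DEFAULT)`; the login code no longer touches MD5 at all, so a row that still holds an MD5 digest simply fails to verify until it is re-hashed.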