By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,853 Members | 2,144 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,853 IT Pros & Developers. It's quick & easy.

Problem with login script using php

P: 17
Hey guys. I seem to be having a problem with security on my login script.


This is the code for my login page.

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     include('connect.php');
  3.  
  4.     $username=$_POST['username'];
  5.     $password=$_POST['password'];
  6.  
  7.     // protect from MySQL injection 
  8.     $username = stripslashes($username);
  9.     $password = stripslashes($password);
  10.     $username = mysql_real_escape_string($username);
  11.     $password = mysql_real_escape_string($password);
  12.  
  13.     $encrypted_password=md5($password);
  14.  
  15.     $sql="SELECT * FROM staff WHERE username='$username' and password='$encrypted_password'";
  16.     $sqlresult=mysql_query($sql)or die("Could not retreive data from table");
  17.  
  18.     $row=mysql_fetch_array($sqlresult);
  19. ?>
  20.  
All the code is working fine and it directs to the admin.php file upon successful login


Expand|Select|Wrap|Line Numbers
  1. <?php
  2.             if (isset($_POST['submit']))
  3.             {
  4.  
  5.                 if ($row['username']==$username && $row['password']==$encrypted_password)
  6.                 {
  7.                     $username = $_SESSION['username'];
  8.                     $password = $_SESSION['password'];
  9.                     header("Location:admin.php");
  10.                 }
  11.  
  12.                     elseif ($username == '' || $password == '')
  13.                     {
  14.                         echo '<div style="padding:5px 10px 5px 10px; margin:0px auto 20px; border:2px solid #FF0000; color:#FF0000; width:176px;">';
  15.                         echo "Please fill in all required fields";
  16.                         echo '</div>';
  17.                     }
  18.  
  19.                         else
  20.                         {
  21.                             echo '<div style="padding:5px 10px 5px 10px; text-align:center; margin:0px auto 20px; border:2px solid #FF0000; color:#FF0000; width:255px;">';
  22.                             echo "INCORRECT USERNAME AND PASSWORD ENTERED:";
  23.                             echo "<br/>";
  24.                             echo "Please enter a valid username and password";
  25.                             echo '</div>';
  26.                         }
  27.             }
  28.         ?>    
  29.  
  30.  
However, if I type in 'admin.php' into the appropriate place in the url in the address bar then I can view the page that should be secured with a login. Currently I have used sessions on the admin page to redirect somebody if they haven't first logged in.

Expand|Select|Wrap|Line Numbers
  1.  
  2. <?php
  3.     session_start();
  4.  
  5.         if ($_SESSION['username'] = '')
  6.         {
  7.             header("location:login.php");
  8.         }
  9. ?>
  10.  
Any feedback would be much appreciated
Dec 29 '11 #1
Share this Question
Share on Google+
3 Replies


100+
P: 1,059
this line is wrong
Expand|Select|Wrap|Line Numbers
  1. if ($_SESSION['username'] = '')
  2.  
  3. //correct line would be
  4. if ($_SESSION['username']=='')
  5. //..
  6.  

and in the log in page i.e. login.php start your session and as well save the user id in session
Dec 29 '11 #2

P: 45
James

johny10151981 is right, you are missing an = , it is better to include a session check file in every page other than login page & the code should be like this
Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     session_start();
  3.  
  4.         if ($_SESSION['username'] == '')
  5.         {
  6.             header("location:login.php");
  7.         }
  8. ?>
  9.  
also make sure you set $_SESSION['username'] once logged in credentials are checked correct.
Jan 2 '12 #3

Dormilich
Expert Mod 5K+
P: 8,639
Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     session_start();
  3.  
  4.         if ($_SESSION['username'] = '')
  5.         {
  6.             header("location:login.php");
  7.         }
  8. ?>
some nifty little trick to avoid this problem:
if ('' == $_SESSION['username'])
should you accidentally write
if ('' = $_SESSION['username']),
you’ll be prompted with an error.
Jan 5 '12 #4

Post your reply

Sign in to post your reply or Sign up for a free account.