php woes... can anyone help?

Discussion in 'Web Design and Development' started by msjones, Feb 26, 2011.

  1. msjones macrumors 6502

    Joined:
    Oct 18, 2007
    Location:
    Nottinghamshire, UK
    #1
    Hi.

    I am creating a website for a friend. I am new to php coding but have managed to get a simple login system up and running using a mysql database. I am wanting to set up a user level system which will display certain page elements depending on the status level set in the database. Here is my code for the login_check.php page:

    Code:
    <?php
    
    include 'sql_login.php';
    
    mysql_select_db("database",$con);
    
    $username = $_POST['username']; 
    $password = $_POST['password'];
    
    //Get security Status
    $status=mysql_query("SELECT status FROM hd_users WHERE username='$username'");
    
    $sql="SELECT * FROM hd_users WHERE username='$username' and password=PASSWORD('$password')";
    $result=mysql_query($sql);
    
    $count=mysql_num_rows($result);
    
    // Register $myusername, $mypassword and redirect to file "home.php"
    if($count==1){
    session_register("username");
    session_register("password"); 
    header("location:members.php");
    
    //Define variables for home.php
    $_SESSION['username'] = $username;
    $_SESSION['status'] = $status;
    
    }
    else {
    header("location:staff.php");
    }
    
    mysql_close($con)
    
    ?>
    As you can see, I'm grabbing the username and password from the login page and comparing it to the database to allow the user access. All this is working fine.

    The $_SESSION['username'] = $username is working to display a greeting message to the user on the members only page. It's the $_SESSION['status'] = $status I am having trouble with. The $status is set from an sql query early in the script. When I run the query on the server it returns the value 1, which is what the users are set to in the db. However, I am echoing the output of the $_SESSION['status'] on the members page and it's coming up as 0.

    There are only two user levels, 1&2, so where is the script getting the 0 from?

    Here is the code from the top of my members only page just in case it's needed:

    Code:
    <? 
    session_start();
    $username = $_SESSION['username'] ;
    $status = $_SESSION['status'] ;
    if(!session_is_registered('username')){
    header("location:login.php");
    }
    ?>
    Again, it's when I echo the $status variable that it shows a 0 when it should be a 1.

    Thanks in advance.
     
  2. phantax macrumors member

    Joined:
    Feb 2, 2009
    #2
    Few comments:

    Code:
    $username = $_POST['username']; 
    $password = $_POST['password'];
    
    //Get security Status
    $status=mysql_query("SELECT status FROM hd_users WHERE username='$username'");
    
    You are asking for an injection attack here. NEVER trust user submitted data without escaping it in some way.

    Code:
    session_register("username");
    session_register("password"); 
    header("location:members.php");
    
    $_SESSION['username'] = $username;
    $_SESSION['status'] = $status;
    
    session_register is a now deprecated function. You are setting these session variables in 2 different ways, you don't need both. Get rid of the session_register statements. Also, is there a reason you are setting the session variables after the redirect line?

    The way you are merely checking to see only if "username" exists in the session for authentication is not secure by any means.

    For a simple website or something like this there are numerous existing classes you can use to accomplish the same thing very easily and more securely without reinventing the wheel. Check out http://phpUserClass.com/
     
  3. msjones thread starter macrumors 6502

    Joined:
    Oct 18, 2007
    Location:
    Nottinghamshire, UK
    #3
    Thanks for the input, it's much appreciated.

    I have added stripslashes to the code to help prevent injection. Again there is probably a better way to do it but I am still new to php.

    I have also removed the session_register parts and am now just using $_SESSION function.

    Thanks for the link, there are some helpful things there.
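
Added example, not part of the original posts: a login check for the hd_users table from post #1 that binds the username as a query parameter and reads status from the fetched row, since a query call returns a result handle rather than the column value. It assumes PDO with an in-memory SQLite database and password_hash() storage in place of MySQL's PASSWORD(); the function names and the sample account are hypothetical.

```php
<?php
// Added example, not code from the thread. Assumes PDO + SQLite (in-memory, runs
// offline) and password_hash() storage; hd_users columns follow the posted code.

function open_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE hd_users (username TEXT PRIMARY KEY, password TEXT, status INTEGER)');
    // Constructed sample account.
    $ins = $db->prepare('INSERT INTO hd_users VALUES (?, ?, ?)');
    $ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 1]);
    return $db;
}

// Returns ['username' => ..., 'status' => int] on success, null on failure.
function check_login(PDO $db, string $username, string $password): ?array {
    // The placeholder keeps user input out of the SQL text entirely.
    $stmt = $db->prepare('SELECT username, password, status FROM hd_users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);   // the row itself, not the statement handle
    if ($row === false || !password_verify($password, $row['password'])) {
        return null;
    }
    return ['username' => $row['username'], 'status' => (int) $row['status']];
}

function login(PDO $db, array $post, array &$session): string {
    $user = check_login($db, (string) ($post['username'] ?? ''), (string) ($post['password'] ?? ''));
    if ($user === null) {
        return 'staff.php';                  // failure target used in the thread
    }
    // Real request: session_start(), session_regenerate_id(true), set $_SESSION,
    // then header('Location: ...') followed by exit.
    $session['username'] = $user['username'];
    $session['status']   = $user['status'];
    return 'members.php';
}

$db = open_demo_db();
$cases = [   // constructed form submissions
    ['username' => 'alice', 'password' => 'correct horse'],
    ['username' => "alice' OR '1'='1", 'password' => 'x'],   // quotes stay literal data
    ['username' => 'alice', 'password' => 'wrong'],
];
foreach ($cases as $post) {
    $session = [];
    $target = login($db, $post, $session);
    printf("%-20s -> %-11s status=%s\n", $post['username'], $target, $session['status'] ?? 'unset');
}
```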
     
