...

View Full Version : login problems



gilgalbiblewhee
05-26-2011, 07:26 PM
I ran into some problems in the login.
The index page shows this:

<form action="login/login.php" method="post">
<label for="login-username" style="float: left; margin: 0px 0px 0px 5px;">Username:</label><br />
<input type="text" name="username" id="login-username" value="" style="float: left; margin: 0px 0px 0px 5px; border: 1px solid #7A1010; color: #7A1010;" />
<label for="login-password" style="float: left; margin: 0px 0px 0px 5px;" >Password:</label><br />
<input type="password" name="password" id="login-password" value="" style="float: left; margin: 0px 0px 0px 5px; border: 1px solid #7A1010; color: #7A1010;" /><br />
<br />
<label for="login-remember" style="float: left; margin: 0px 0px 0px 5px;">Remember me?</label>
<input type="checkbox" name="remember" id="login-remember" style="float: left; margin: 5px 0px 0px 5px;" /><br />
<input type="submit" value="Login" style="float: left; margin: 0px 0px 0px 5px; background-color: #7A1010; color: #EAE8C8;" />
</form>

The form leads to here:

<?php
// Database connection file
require_once("includefiles/dbconnection.php");
$un=isset($_POST['username']) ? $_POST['username'] : "";
$pw=isset($_POST['password']) ? $_POST['password'] : "";
echo "Hellooooooo!!!!!!!!!!!!".$un." ".$pw;
// Form submitted?
if($_SERVER['REQUEST_METHOD'] == "POST"){
$errors = array();
// Validate form
foreach($_POST as $key => $value){
if(empty($value)){
$errors[$key] = $key . " was empty";
}
}
// If no errors, continue
if(count($errors) == 0){
$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')", $un, $pw; extract(mysql_fetch_assoc(mysql_query($sql)));
//echo $sql;
// If this is not set, there was an error
if(!isset($success)){
$errors[] = "that username and password combination are incorrect";
}else{
// Remember me?
if(isset($_POST['remember'])){
setcookie("login", $_POST['username'] . ":" . $success, time() + (3600 * 24 * 30)); // store for 30 days
}
// Log the user in
$_SESSION['login'] = true;
$_SESSION['username'] = $_POST['username'];
$_SESSION['group'] = $success;
$_SESSION['just_logged_in'] = true; // to display a message
// Redirect back to the main page
$redirect = true;
unset($errors);
}
}
}else{
// The form was not submitted, so they shouldn't be here
$redirect = true;
}
// Redirect if needed
if(isset($redirect)){
header("Location: " . $baseURL);
exit;
}
include("login-form.php");
?>
But this page shows blank.

mlseim
05-26-2011, 07:52 PM
First of all, any script that uses SESSION, but start like this:

<?php
session_start();

Your blank page indicates you have a PHP script error, but your error
reporting is turned off, so it won't tell you what is wrong.

I would change the top part of your script to this ....

<?php
session_start();
error_reporting(E_ALL);





.

gilgalbiblewhee
05-26-2011, 08:02 PM
First of all, any script that uses SESSION, but start like this:

<?php
session_start();

Your blank page indicates you have a PHP script error, but your error
reporting is turned off, so it won't tell you what is wrong.

I would change the top part of your script to this ....

<?php
session_start();
error_reporting(E_ALL);
.
Should be

$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')"
, mysql_real_escape_string($_POST['username']), $_POST['password']);
extract(mysql_fetch_assoc(mysql_query($sql)));
echo $sql;

mlseim
05-26-2011, 08:12 PM
What does your last post mean?
That you found the problem, or you are asking about it?

gilgalbiblewhee
05-26-2011, 09:00 PM
What does your last post mean?
That you found the problem, or you are asking about it?
It doesn't solve the problem but the original code was:

$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')"
, mysql_real_escape_string($_POST['username']), $_POST['password']);
extract(mysql_fetch_assoc(mysql_query($sql)));
echo $sql;
instead of

$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')", $un, $pw; extract(mysql_fetch_assoc(mysql_query($sql)));
I thought that was the error because it was in a bracket so I removed the ; and skipped a line. But that made it worse. I declared the $un and $pw to the $_POST above as well.

mlseim
05-26-2011, 09:49 PM
I've never seen a query request using sprintf ... that's a new one for me.

Maybe you can try the query in a way like this:
http://www.tizag.com/mysqlTutorial/mysqltables.php


.

Inigoesdr
05-27-2011, 02:40 AM
gilgalbiblewhee, turn on error reporting or check the error log so you can see the what is causing the problem. You should also be hashing the password using PHP's md5() (http://php.net/md5) instead of passing the raw string to MySQL. You are open to SQL injection with the way you have it now.


I've never seen a query request using sprintf ... that's a new one for me.

sprintf() (http://php.net/sprintf) just formats the string. It's similar to do prepared statements in that you use placeholders and can limit the input to types, but you still have to execute the query.

gilgalbiblewhee
05-27-2011, 02:49 AM
gilgalbiblewhee, turn on error reporting or check the error log so you can see the what is causing the problem. You should also be hashing the password using PHP's md5() (http://php.net/md5) instead of passing the raw string to MySQL. You are open to SQL injection with the way you have it now.



sprintf() (http://php.net/sprintf) just formats the string. It's similar to do prepared statements in that you use placeholders and can limit the input to types, but you still have to execute the query.
Ok. Turning on the errors shows the following:

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in ...\login.php on line 22

Warning: extract() expects parameter 1 to be array, null given in ... \login.php on line 22
Line 22 is:

$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')"
, mysql_real_escape_string($_POST['username']), $_POST['password']);
extract(mysql_fetch_assoc(mysql_query($sql)));//line 22
echo $sql;
...and the password is md5ed:

$sql = sprintf("SELECT usergroup AS success FROM {$dbTable} WHERE username='%s' AND password=MD5('%s')"
, mysql_real_escape_string($_POST['username']), $_POST['password']);
extract(mysql_fetch_assoc(mysql_query($sql)));//line 22
echo $sql;

Inigoesdr
05-27-2011, 03:17 PM
Ok. Turning on the errors shows the following:
Your query failed, find out why. What is the value of $sql after the sprintf line?


...and the password is md5ed:

Yeah, but if you read my message I state that you should do it in PHP instead of MySQL because you are passing the raw string to MySQL to be hashed, which leaves you open to SQL injection.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum