#5, 04-01-2005
Fat Bloke
Re: How to facilitate login?

On Fri, 01 Apr 2005 17:04:02 GMT, Oli Filth <catch@olifilth.co.uk> wrote:

>Treefrog wrote:
>> "Tex John" <john@logontexas.com> wrote in message
>> news:6hZ2e.14821$1H3.14027@tornado.texas.rr.com...
>>
>>>http://www.devshed.com/c/a/PHP/Creat...-Login-Script/
>>>
>>>is a start...
>>>
>>>hth,
>>>John

>>
>>
>> Grr, top post! breeeath.... ah, never mind.
>>
>> I've just quickly looked through that article and have something to add for
>> a secure login script.
>>
>> Martin suggested using the following query to check a login:
>> $sql = "SELECT * FROM member WHERE " .
>> "username = $username AND " .
>> "password = $password";
>>
>> However, that's vulnerable to SQL injection; the following method is much
>> more restrictive to injection attacks.
>>
>> $sql = "SELECT * FROM member WHERE username=$username"
>> $row = fetch_array......
>>
>> if ($row["password"] == $_GET['password']){
>> login ok.
>> }
>>
>> Why is it more secure?

>
>It's not.
>
>> Well, first off, they only have one variable to inject into (ok, not much of
>> a help) but even IF they did something like "SELECT .... WHERE username=' '
>> or username like '%'"

>
>Well you could just use mysql_real_escape_string(), and this wouldn't be
>a problem at all...
>
>> they would STILL have to know a valid password for the PHP comparison. Not
>> totally bomb proof but a bit more secure than the above version.
>>

>
>Also, you shouldn't store passwords unencrypted in your database. You should hash
>them using md5() (or sha1()) before storing them, and then compare
>against the md5() (or sha1()) of the user input.

This is what I use - is it best practice?

<?php
// Assumes $DBName, $Link, $username and $password are already set by the
// including script (the original relied on register_globals for the form fields).
$TableName = "auth_users";
// Escape both inputs before interpolating them, so quotes in the submitted
// values cannot change the structure of the query.
$safe_user = mysql_real_escape_string($username, $Link);
$safe_pass = mysql_real_escape_string($password, $Link);
$Query = "SELECT * FROM $TableName WHERE username=\"$safe_user\" and
password=password(\"$safe_pass\")";
$Result = mysql_db_query($DBName, $Query, $Link);
$num = mysql_num_rows($Result);
if ($num == 0)
{
header("Location: logon.php");
exit();
}
else
{
session_start();
// session_register() is deprecated; keep the flag in $_SESSION instead.
$_SESSION['valid'] = "yes";
}
?>

and the start of the header file included in all the other files being -
<?php
session_start();
// The "results" destination is left as the original placeholder.
if (isset($_SESSION['valid']) && $_SESSION['valid'] == "results")
{
header( "Location: onwards_into_the_files" );
exit();
}
// Anyone without a "yes" flag is sent back to the logon page; exit so the
// rest of the file never runs for them.
if (!isset($_SESSION['valid']) || $_SESSION['valid'] !== "yes")
{
header( "Location: logon.php" );
exit();
}
?>

------------------------------------------------------------

This post did not necessarily reflect my opinions. So there.
Pull the pins out to reply direct.
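The login check and the hashing advice discussed in this thread, written out as an added example that is not part of this post or of any code in the thread: it replaces string interpolation with a PDO prepared statement and md5()/sha1() with password_hash() (bcrypt); the table name, column names and the in-memory SQLite database are assumptions.

```php
<?php
// Added example, not the poster's or the thread's code. Table name, column
// names and the in-memory SQLite database are assumptions made so it runs alone.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE auth_users (username TEXT PRIMARY KEY, pwhash TEXT NOT NULL)');

// Registration: store a salted bcrypt hash, never the password itself.
function register(PDO $db, $username, $password)
{
    $stmt = $db->prepare('INSERT INTO auth_users (username, pwhash) VALUES (:u, :h)');
    $stmt->execute(array(':u' => $username, ':h' => password_hash($password, PASSWORD_DEFAULT)));
}

// Login: the username is bound as a parameter, so a value such as
//   ' OR username LIKE '%
// is compared literally and cannot change the query. The password never
// reaches the database; it is checked in PHP against the stored hash.
function login(PDO $db, $username, $password)
{
    // Hash of a constructed dummy password, so an unknown username costs about
    // the same time as a wrong password (avoids a username-enumeration timing leak).
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash('constructed-dummy-password', PASSWORD_DEFAULT);
    }
    $stmt = $db->prepare('SELECT pwhash FROM auth_users WHERE username = :u');
    $stmt->execute(array(':u' => $username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        password_verify($password, $dummyHash);
        return false;
    }
    return password_verify($password, $row['pwhash']);
}

// Constructed sample data: a correct password, a wrong one, and the
// injection string from the thread used as a username.
register($db, 'alice', 'correct horse battery staple');
var_dump(login($db, 'alice', 'correct horse battery staple'));
var_dump(login($db, 'alice', 'wrong password'));
var_dump(login($db, "' OR username LIKE '%", 'anything'));
```

Only the first of the three checks succeeds; the injection string simply fails to match any username because it is bound as data, not spliced into the SQL.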