Fl4sh

[web] what's the standard procedure for php?


Basically I'm trying to put together a website that has a login page and when the user logs in, it checks the mysql db for a username and password. If the username/pw are ok, it checks if the user is an admin or regular user. Based on this it goes either to the member page or the admin page.

Ok my question is: what's the standard procedure for doing this? O_o Does the php code go into a separate file, and what's the best way to redirect the page?

Quote:
Original post by Fl4sh
Ok my question is: what's the standard procedure for doing this? O_o Does the php code go into a separate file, and what's the best way to redirect the page?

There's no standard way of doing things, but redirecting is usually done by sending a header.

Also, see Sander's redirect.



<?php ob_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<h1> MEMBER AREA</h1>
</body>
</html>

<?php

$link = mysqli_connect("localhost","xxxxxxx","xxxxx","memberarea");
$id = mysqli_query($link, "SELECT username from logins where username = '$_POST[un]'");
$pw = mysqli_query($link, "SELECT password from logins where password = '$_POST[pw]'");

$serial = mysqli_query($link, "Select ID from logins where username = '$_POST[un]'");
$userserial = mysqli_fetch_row($serial);

$permission = mysqli_query($link, "SELECT permission from logins where id = '$userserial[0]'");
$row = mysqli_fetch_row($permission);

$num = mysqli_num_rows($id);
$num2 = mysqli_num_rows($pw);

if($num > 0)
{
    if($num2 > 0)
    {
        if($row[0] = "5")
        {
            ob_end_flush();
            exit;
        }
        else
        {
            ob_end_clean();
            header("Location: http://localhost/PictureSite/adminpaneldfd.php");
        }
    }
    else
    {
        header("Location: http://localhost/PictureSite/login.php");
    }
}
else
{
    header("Location: http://localhost/PictureSite/login.php");
}

?>




what's wrong w/ this? ;o

I have a value in the database that is 5 or 10 based on whether the user is a regular user or an admin respectively. This script keeps showing the normal member page w/ an admin account... I don't see why. O_o

[Edited by - Fl4sh on July 10, 2010 8:53:28 AM]

Quote:
Original post by Fl4sh
*** Source Snippet Removed ***

what's wrong w/ this? ;o

I have a value in the database that is 5 or 10 based on whether the user is a regular user or an admin respectively. This script keeps showing the normal member page w/ an admin account... I don't see why. O_o


You've got

if (row[0] = "5")

In PHP, = is the assignment operator; you want to use == (to compare the variable with the value).

so you want to use

if (row[0] == "5") etc


However, your code has another fairly big flaw.
By the looks of things it is possible to go directly to adminpanelfd.php if you know it exists. Your login system needs to track visitors, and all restricted pages have to verify that the user is logged in and has the right to view that page.

You are also inserting user input directly into the queries, which is a huge security risk; a malicious user could modify the query to do pretty much anything they want. (Google for SQL injection for more info.)

(Try entering "a' OR 'a'='a" without the double quotes as username and password and see what happens. Unless I made some mistake, it should log you in as the first user in the list.)

If the hacker puts a ; in there as well, he can write entire queries on his own that do pretty much anything he wants.

You might want to take a look at this:
http://php.net/manual/en/function.mysql-real-escape-string.php

[Edited by - SimonForsman on July 10, 2010 9:48:09 AM]

Also, you should be running that script and calling header() before all that HTML is output. The HTTP headers are the first things in the page. If that script was to run unbuffered the header() calls would do nothing.

Quote:
Original post by Kylotan
Also, you should be running that script and calling header() before all that HTML is output. The HTTP headers are the first things in the page. If that script was to run unbuffered the header() calls would do nothing.


sup captain obvious. ;o

That PHP script seems to be sensitive to SQL injection. Someone can change your SQL query by altering the $_POST data in a special way. You should treat $_POST data as user input and check the contents before using the data in a query.
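A hardened version of the login flow, as an added example written for this thread; it is not Fl4sh's code and not something any of the replies posted. It pulls together the points raised above: == instead of = (SimonForsman), prepared statements instead of queries built from $_POST strings (SimonForsman and the post just above), a session check at the top of every restricted page so that typing adminpanel.php into the address bar is not enough, and session_start()/header() running before any HTML is sent (Kylotan). Assumptions: the logins table has columns username, password and permission, with permission 5 for regular users and 10 for admins as Fl4sh describes; the password column holds a password_hash() digest rather than plaintext; the file names members.php and adminpanel.php and the database credentials are placeholders.

```php
<?php
// Added example for this thread, not Fl4sh's code. Assumed schema: table `logins`
// with columns `username`, `password` (a password_hash() digest) and `permission`
// (5 = regular user, 10 = admin, as stated in the original post).
declare(strict_types=1);
session_start();            // like header(), this must run before any output

const PERMISSION_USER  = 5;
const PERMISSION_ADMIN = 10;

/**
 * Look up a user with a prepared statement so the submitted values are bound as
 * parameters and never spliced into the SQL text.
 * Returns the permission level on success, null on any failure.
 */
function authenticate(mysqli $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT password, permission FROM logins WHERE username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    // Unknown user and wrong password take the same path, so neither leaks which one it was.
    if ($row === null || !password_verify($password, $row['password'])) {
        return null;
    }
    return (int) $row['permission'];
}

/**
 * Guard for restricted pages. Put require_permission(PERMISSION_ADMIN) at the very
 * top of adminpanel.php (placeholder name) and require_permission(PERMISSION_USER)
 * at the top of members.php, before either page emits any HTML.
 */
function require_permission(int $needed): void
{
    if (($_SESSION['permission'] ?? 0) < $needed) {
        header('Location: /PictureSite/login.php');
        exit;
    }
}

// --- login.php: the whole decision happens before a single byte of HTML is sent ---
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $db = new mysqli('localhost', 'dbuser', 'dbpass', 'memberarea'); // placeholder credentials
    $db->set_charset('utf8mb4');

    $permission = authenticate($db, $_POST['un'] ?? '', $_POST['pw'] ?? '');

    if ($permission === null) {
        header('Location: /PictureSite/login.php?error=1');
        exit;
    }

    session_regenerate_id(true);          // fresh session id once the user is authenticated
    $_SESSION['permission'] = $permission;

    // === compares; the original's single = assigned "5" and was always true.
    if ($permission === PERMISSION_ADMIN) {
        header('Location: /PictureSite/adminpanel.php');   // placeholder file name
    } else {
        header('Location: /PictureSite/members.php');      // placeholder file name
    }
    exit;   // nothing may follow a Location header
}
?>
<!-- The form is only sent when the request was not a POST, so no output precedes header() -->
<!DOCTYPE html>
<html>
<body>
<form method="post" action="login.php">
  <input name="un" type="text" placeholder="username" />
  <input name="pw" type="password" placeholder="password" />
  <button type="submit">Log in</button>
</form>
</body>
</html>
```

Note that the redirect alone never protects the admin page; the require_permission() call at the top of each restricted page is what does, and it relies on the permission having been stored in the session by this script rather than on anything the browser sends back.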
