[web] whats standard procedure for php?

Started by
7 comments, last by btower 13 years, 9 months ago
Basically I'm trying to put together a website that has a login page and when the user logs in, it checks the mysql db for a username and password. If the username/pw are ok, it checks if the user is an admin or regular user. Based on this it goes either to the member page or the admin page.

Ok my question is: what's the standard procedure for doing this? O_o Does the php code go into a seperate file, and what's the best way to redirect the page?
They hated on Jeezus, so you think I give a f***?!
There are a gazillion tutorials on the web explaining how to do this.

Sander Marechal [Lone Wolves][Hearts for GNOME][E-mail][Forum FAQ]

Quote:Original post by Fl4sh
Ok my question is: what's the standard procedure for doing this? O_o Does the php code go into a seperate file, and what's the best way to redirect the page?

There's no standard way of doing things, but redirecting is usually done by sending a header.

Also, see Sander's redirect.
<?php ob_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<h1> MEMBER AREA</h1>
</body>
</html>
<?php
$link = mysqli_connect("localhost", "xxxxxxx", "xxxxx", "memberarea");
$id = mysqli_query($link, "SELECT username from logins where username = '$_POST[un]'");
$pw = mysqli_query($link, "SELECT password from logins where password = '$_POST[pw]'");
$serial = mysqli_query($link, "Select ID from logins where username = '$_POST[un]'");
$userserial = mysqli_fetch_row($serial);
$permission = mysqli_query($link, "SELECT permission from logins where id = '$userserial[0]'");
$row = mysqli_fetch_row($permission);
$num = mysqli_num_rows($id);
$num2 = mysqli_num_rows($pw);
if ($num > 0)
{
    if ($num2 > 0)
    {
        if ($row[0] = "5")
        {
            ob_end_flush();
            exit;
        }
        else
        {
            ob_end_clean();
            header("Location: http://localhost/PictureSite/adminpaneldfd.php");
        }
    }
    else
    {
        header("Location: http://localhost/PictureSite/login.php");
    }
}
else
{
    header("Location: http://localhost/PictureSite/login.php");
}
?>


What's wrong w/ this? ;o

I have a value in the database that is 5 or 10 based on if the user is a regular user or admin respectively. This script keeps showing the normal member page w/ an admin account...I don't see why. O_o

[Edited by - Fl4sh on July 10, 2010 8:53:28 AM]
They hated on Jeezus, so you think I give a f***?!
Quote:Original post by Fl4sh
*** Source Snippet Removed ***

What's wrong w/ this? ;o

I have a value in the database that is 5 or 10 based on if the user is a regular user or admin respectively. This script keeps showing the normal member page w/ an admin account...I don't see why. O_o


You've got

if ($row[0] = "5")

In PHP, = is the assignment operator; you want to use == (to compare the variable with the value).

So you want to use

if ($row[0] == "5") etc.


However, your code has another fairly big flaw.
By the looks of things it is possible to go directly to adminpanelfd.php if you know it exists. Your login system needs to track visitors, and all restricted pages have to verify that the user is logged in and has the right to view that page.

You are also inserting user input directly in the queries, which is a huge security risk; a malicious user could modify the query to do pretty much anything they want. (Google for SQL injection for more info.)

(Try entering "a' OR 'a'='a" without the double quotes as username and password and see what happens.) (Unless I made some mistake, it should log you in as the first user in the list.)

If the hacker puts a ; in there as well, he can write entire queries on his own that do pretty much anything he wants.

You might want to take a look at this:
http://php.net/manual/en/function.mysql-real-escape-string.php

[Edited by - SimonForsman on July 10, 2010 9:48:09 AM]
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
Also, you should be running that script and calling header() before all that HTML is output. The HTTP headers are the first things in the page. If that script was to run unbuffered the header() calls would do nothing.
Quote:Original post by Kylotan
Also, you should be running that script and calling header() before all that HTML is output. The HTTP headers are the first things in the page. If that script was to run unbuffered the header() calls would do nothing.


sup captain obvious. ;o
They hated on Jeezus, so you think I give a f***?!
If it's so obvious, why didn't you do it right in the first place?
That PHP script seems to be sensitive to SQL injection. Someone can change your SQL query by altering the $_POST data in a special way. You should treat $_POST data as user input and check the contents before using the data in a query.
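The fixes raised in this thread pulled together into one handler, as an added example that is not code from the thread: SimonForsman's bound parameters and logged-in check on restricted pages, Kylotan's headers-before-output, and == (here ===) instead of = for the permission test. It assumes the OP's table logins (id, username, password, permission) with 10 = admin and 5 = member, but additionally assumes the password column holds a password_hash() value rather than plaintext (a change the thread does not make); the DB credentials and member.php are placeholders, and the syntax needs PHP 7 or later.

```php
<?php
// Added example, not the thread's code: a login handler and a guard for restricted
// pages. Assumes the OP's table `logins` (id, username, password, permission) with
// permission 10 = admin and 5 = member, but `password` now holds a password_hash()
// value; the DB credentials and member.php are placeholders.
session_start();                       // must run before any output, like header()

const PERM_ADMIN = 10;
// Call this at the top of every restricted page (e.g. adminpaneldfd.php), before any
// HTML, so the page cannot be opened just by knowing its URL.
function require_permission(int $needed): void
{
    if (empty($_SESSION['user_id']) || (int)$_SESSION['permission'] !== $needed) {
        header('Location: /PictureSite/login.php');
        exit;
    }
}

function handle_login(mysqli $link, string $un, string $pw): void
{
    // Bound parameter: the username never becomes part of the SQL text, so an input
    // such as  a' OR 'a'='a  is looked up literally and matches no row.
    $stmt = mysqli_prepare($link,
        'SELECT id, password, permission FROM logins WHERE username = ? LIMIT 1');
    mysqli_stmt_bind_param($stmt, 's', $un);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $id, $hash, $permission);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    // One generic failure path: it does not reveal which of the two fields was wrong.
    if (!$found || !password_verify($pw, $hash)) {
        header('Location: /PictureSite/login.php?error=1');
        exit;
    }

    session_regenerate_id(true);        // fresh session id once privileges change
    $_SESSION['user_id']    = (int)$id;
    $_SESSION['permission'] = (int)$permission;

    // === compares; the original `$row[0] = "5"` assigned and was therefore always true.
    $target = ((int)$permission === PERM_ADMIN) ? 'adminpaneldfd.php' : 'member.php';
    header('Location: /PictureSite/' . $target);   // sent before a single byte of HTML
    exit;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $link = mysqli_connect('localhost', 'DB_USER_PLACEHOLDER', 'DB_PASS_PLACEHOLDER', 'memberarea');
    handle_login($link, (string)($_POST['un'] ?? ''), (string)($_POST['pw'] ?? ''));
}
```

A restricted page such as adminpaneldfd.php would call session_start() and require_permission(PERM_ADMIN) before its first byte of HTML; in a real site the guard function lives in its own include rather than next to the login handler.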
