Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

mysql account/user login

  1. Home
  2. Forum
  3. Programming
  4. mysql account/user login

ghost's Avatar

ghost

0 0

Hey guys I just started programming with mysql I have basically finished my account/user script but there's one thing I don't know how to fully "better" prevent mysql injections so I thought I could post my script and you guys could help me out :D

database.php

<?php

$dbname = 'myuser_test';

$link = mysql_connect("localhost","myuser_george","1234") or die("Couldn't make connection.");

$db = mysql_select_db($dbname, $link) or die("Couldn't select database");

?>

login.php

<?php 
include 'database.php';

$user_name = mysql_real_escape_string($_POST['name']);

if ($_POST['Submit']=='Login')

{
$md5pass = md5($_POST['pwd']);
$sql = "SELECT id,user_name FROM testdb WHERE 
            user_name = '$user_name' AND 
            user_pwd = '$md5pass'";
			
$result = mysql_query($sql) or die (mysql_error()); 
$num = mysql_num_rows($result);

    if ( $num != 0 ) { 

        // A matching row was found - the user is authenticated. 
       session_start(); 
	   list($user_id,$user_name) = mysql_fetch_row($result);
		// this sets variables in the session 
		$_SESSION['user']= $user_name;
					
		if (isset($_GET['ret']) && !empty($_GET['ret']))
		{
		header("Location: $_GET[ret]");
		} else
		{
		header("Location: home.php");
		}
		//echo "Logged in...";
		exit();

    } 

header("Location: login.php?msg=Invalid Login");

//echo "Error:";

exit();	

	
}

?>

<link href="styles.css" rel="stylesheet" type="text/css">

<?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?>

<form name="form1" method="post" action="">
User 
<input name="name" type="text" id="name">
Password: 
<input name="pwd" type="password" id="pwd">
<input type="submit" name="Submit" value="Login">
<a href="register2.php">Register</a> | <a href="forgot2.php">Forgot</a>
</form>

home.php

<?php
session_start();
if (!isset($_SESSION['user']))
{
 die ("Access Denied");
}
?> 

<?php if (isset($_SESSION['user'])) { ?>
<p>Logged as 
<b><?php echo $_SESSION['user']; ?></b> | <a href="logout.php">Logout</a> </p>
<?php } ?>

three codes I didn't post logout.php and register.php which I think aren't needed for my question.

Thanks for helping.

-Nationz


ghost's Avatar

ghost

0 0

From what I can tell there isn't much more that you can do. You only use two input, name and pwd. And you escape the name and hash the pwd so all input is safe.


ghost's Avatar

ghost

0 0

MoshBat wrote: Just shoving things like strip_tags() and addslashes() around the username input should help. using strip_tags allowz 4 splitting a tag w/ itself ( <in<input>put> ) unless u recursive it. use htmlentities. iz better

mysql_real_escape_string does better then addslashes cuz it prevents attackz from different char sets n it escapes nl / cr chars. newlines could b used 2 segment n injection 2 hide from black list.

@person dat started thread: protect ur session w/ a uniq identifyer. sha1 / md5 username n a random hash, check that it matches username. not checkin dat user session var just exists


ghost's Avatar

ghost

0 0

MoshBat wrote: Dear lord. Could you write that in english? Also, there are holes in mysql_real_escape_string. That's why using other filters is necessary. nop. take it as u get it. there r more holes n addslashes than mysql_real, n mysql_real does wat addslashes do n more.


ghost's Avatar

ghost

0 0

MoshBat wrote: There are holes in both, true, but having both is better than just one. define wrote: mysql_real does wat addslashes do n more. typecast vars, type chk functoins, mysqli parameturized functoins, regex white list… sumthing


ghost's Avatar

ghost

0 0

By the way how can I test if the code to prevent mysql injection works "sorry I don't know a lot about mysql injections"

And Thanks for the previews answers.


ghost's Avatar

ghost

0 0

read bout mysql injections or get sum1 dat knows bout em to test it


ghost's Avatar

ghost

0 0

There are some good articles on this site on mysql injections and search the google you will get the handy one over there also.


ghost's Avatar

ghost

0 0

nationz wrote: By the way how can I test if the code to prevent mysql injection works "sorry I don't know a lot about mysql injections"

And Thanks for the previews answers.

they have plenty of challenges to get you started and get you in the right mind set for learning sql injections. Just roam through the basic challenges and learn what you can. Use the articles that help you with those challenges, and dont ever forget about google.