  1. #1
    Senior Coder
    Join Date
    Aug 2005
    Posts
    1,119
    Thanks
    2
    Thanked 1 Time in 1 Post

    Always returning true when it shouldn't?

    PHP Code:
    if($login_username=="")
    is always returning true, when I don't think it should. This is how it is set up.

    adminlogin.php
    PHP Code:
    <?php
    session_start();

    include "../includes/config.inc.php";
    mysql_connect($dbhost, $dbusername, $dbuserpass);
    mysql_select_db($dbname) or die(mysql_error());
    // $username and $password are never read from $_POST or $_GET here;
    // they are only filled in if register_globals does it
    $query = "SELECT * from $logtable where username='$username' and password='$password'";
    $result = mysql_query($query) or die("Could not execute query: $query. " . mysql_error());

    if (mysql_num_rows($result) == 0)
    {
        echo "<div align=center><b>Oops! Your login is wrong. Please click back and try again.</b></div>";
    }
    else
    {
        // $login_username is never assigned anywhere in this script
        session_register("$login_username");
        Header("Location: protected.php");
        exit; // stop here so nothing after the redirect is sent
    }
    ?>
    protected.php
    PHP Code:
    <?php
    // no session_start() on this page, so nothing stored in the session is visible here
    if ($login_username == "") {
        Header("Location: ../index.php?act=admin");
        exit; // stop here so the protected includes below are never reached
    } else {
        include "../includes/config.inc.php";

        switch ($act) {
            case 'in':  include('edittuts.php'); break;
            default:    include('admin.php');    break;
        }
    }
    ?>
    I don't think this is supposed to be happening, but I can't figure out why it is... huh...

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,106
    Thanks
    11
    Thanked 101 Times in 99 Posts
    $login_username is never set anywhere, so it is always false
    ... until you use session_register, which sets $login_username to "" (since $login_username is empty).

    There is a bigger problem anyway: your code relies on register_globals = off, and as such anyone can add protected.php?login_username=evil and be logged in.

    You should be setting it with

    $_SESSION['login_username'] = $username;

    and checking with

    if( !isset($_SESSION['login_username'])){
        header("Location: login.php");
        exit; // without this the rest of the protected page is still sent to the client
    }

    You also should be passing $username and $password (I assume they are $_GET['username'] or $_POST['username'] etc.) through a function such as mysql_real_escape_string() to remove any evil code passed on by ****s.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #3
    Senior Coder
    Join Date
    Aug 2005
    Posts
    1,119
    Thanks
    2
    Thanked 1 Time in 1 Post
    OK, yeah, I have a function that will get rid of all the bad possibilities for SQL injections, but I haven't started using it yet.

    But how do I use this:

    $_SESSION['login_username'] = $username;
    here: session_register("$login_username");

    Do I just replace session_register("$login_username");?

    If so, then that didn't change anything and I'm still not getting through to protected.php.

  • #4
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,106
    Thanks
    11
    Thanked 101 Times in 99 Posts
    Yes, replace session_register with $_SESSION['...'] etc.

    On protected.php you also need to call session_start();
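    Putting the advice from posts #2 and #4 together, as an added example that is not code from this thread: the login is stored in $_SESSION, the protected page calls session_start() and checks with isset(), the redirect is followed by exit, and user input goes into the query as a bound parameter instead of being interpolated (the thread suggests mysql_real_escape_string(); a prepared statement is the stronger form of the same fix). It assumes PHP 7.1+ with the pdo_sqlite extension, and a constructed "users" table with one constructed "admin" account in an in-memory SQLite database, so it runs from the command line; the original used mysql_* against $logtable.

```php
<?php
// Added example, not code from this thread: the fixes from posts #2 and #4
// (login kept in $_SESSION, session_start() before the check, exit after the
// redirect, user input kept out of the SQL string) in one runnable script.
// Assumptions for the demo: PHP 7.1+ with pdo_sqlite, a constructed "users"
// table in an in-memory SQLite database, and one constructed account.

function make_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)');
    // Constructed sample account; only the password hash is stored.
    $ins = $db->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    $ins->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);
    return $db;
}

// Same shape as the query in the original adminlogin.php: user input is
// interpolated into the SQL string. Returns how many rows the query matched.
function vulnerable_match_count(PDO $db, string $username, string $password): int
{
    $sql = "SELECT * FROM users WHERE username='$username' AND password='$password'";
    return count($db->query($sql)->fetchAll(PDO::FETCH_ASSOC));
}

// Hardened login: the username is a bound parameter, the password is checked
// against the stored hash, and the session id is rotated before the session
// is marked as logged in.
function login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return false;
    }
    session_regenerate_id(true);            // fresh id once authenticated
    $_SESSION['login_username'] = $username;
    return true;
}

// Top of protected.php: session_start() must already have run, and the
// redirect must be followed by exit, otherwise the rest of the page is still
// sent to a client that ignores the Location header.
function require_login(string $login_url): void
{
    if (!isset($_SESSION['login_username'])) {
        header('Location: ' . $login_url);
        exit;
    }
}

session_start();
$db = make_db();
$injected = "' OR '1'='1";                 // classic tautology payload

// Interpolated query: the payload turns the WHERE clause into
// username='admin' AND password='' OR '1'='1', which matches every row, so
// the original mysql_num_rows() check would pass without a password.
$rows = vulnerable_match_count($db, 'admin', $injected);

// Bound parameter plus hash check: the same payload is just a wrong password.
$bypassed = login($db, 'admin', $injected);
$genuine  = login($db, 'admin', 'correct horse');

printf("interpolated query matched %d row(s)\n", $rows);
printf("login with payload: %s\n", $bypassed ? 'yes' : 'no');
printf("login with real password: %s\n", $genuine ? 'yes' : 'no');
printf("session has login_username: %s\n", isset($_SESSION['login_username']) ? 'yes' : 'no');
```

    In a real deployment the three functions would be split across the login handler and protected.php, with require_login() as the first statement after session_start() on every protected page; the demo section at the bottom only exists so the script runs stand-alone.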

  • #5
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by firepages
    register_globals = off
    off ?
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #6
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,106
    Thanks
    11
    Thanked 101 Times in 99 Posts
    lol, you know what I meant
