I have a little problem and I can't find the reason..
I have this easy function that should check if the user/pass are correct and i would like to save all the infos about the user from $row object into $userdata global object
function check_credentials($username, $password) {
global $userdata;
$password = md5($password);
$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 0,1")or die(mysql_error());
while ($row = mysql_fetch_object($result)) {
if(($row->password == $password) && ($row->username == $username) && ($row->ver == 1)) {
$userdata = clone $row;
return true;
}
else break;
}
}
unset($_SESSION['logged_as']);
return false;
}
Do you have any idea of why, out of the function, the global variable disappear ? because it should be global
Your function simply returns boolean true, not the modified variable.
Change
$userdata = clone $row;
return true;
to
$userdata = clone $row;
return $userdata;
As #Broatcast said, the global function must have been declared out of the function before.
$var = null;
function name() {
global $var
}
// use $var as global
Instead using using a global variable, just return the $userdata:
if(($row->password == $password) && ($row->username == $username) && ($row->ver == 1)) {
return $row;
}
Then capture the row when you call the function
$userdata = check_credentials($username, $password);
Related
My primary programming language is python, but I inherited a PHP project to maintain, and I am trying to fix some SQL injection vulnerabilities. I have one file that has me baffled. It is working, but I have no idea how. On line 14, it invokes $db, but I do not understand how $db is available within that function. It is defined in other php files within the project, but my understanding was that global variables have to be declared (as $tbl_users is) to be available inside a function. Where else do I need to look to know where authValidateUser is getting $db from?
<?php
$user_list_link = "edit_users.php";
function authValidateUser($user, $pass)
{
global $tbl_users;
$user = strtolower($user);
$pass = md5($pass);
$user = preg_replace("/[^a-z0-9.]+/i","",$user);
$pass = preg_replace("/[^a-z0-9.]+/i","",$pass);
return sql_query1($db, "select count(*) from $tbl_users where name = '$user' and password = '$pass';");
}
function authGetUserLevel($user, $lev1_admin)
{
// User not logged in, user level '0'
if(!isset($user))
return 0;
// Check if the user is can modify
for($i = 0; isset($lev1_admin[$i]); $i++)
{
if(strcasecmp($user, $lev1_admin[$i]) == 0)
return 2;
}
// Everybody else is access level '1'
return 1;
}
?>
sql_query1 is the following:
function sql_query1 ($db, $sql)
{
$r = mysqli_query($db, $sql);
if (! $r) return -1;
if (mysqli_num_rows($r) != 1 || mysqli_num_fields($r) != 1
|| ($result = mysqli_result($r, 0, 0)) == "") $result = -1;
mysqli_free_result($r);
return $result;
}
i have a login function in a seperate script(main.php) which is like the below
public function login($username,$password) {
$linkingcon = $this->getConnection();
$sqlquery = "SELECT ac.userID,ac.name,us.usertype FROM users us JOIN accounts ac ON us.userID = ac.userID WHERE us.username='$username' AND us.password='$password';";
$result = mysql_query($sqlquery , $linkingcon);
$this->throwMySQLExceptionOnError($linkingcon);
$row = mysql_fetch_array($result);
$survey = new stdClass();
if($row) {
$res->userID = (int)$row['userID'];
$res->name = $row['name'];
$res->usertype = (int)$row['usertype'];
$string = rand() . 'SurveyLand' . rand() . $username. $password;
$_SESSION['SURVEYLAND_KEY'] = md5($string);
} else {
$res = false;
}
return $res;
}
and im calling the above login function from another script but i am currently unable to call the "usertype" variable of the above function... below is the function that i have written to call the "usertype", can anybody check what is wrong with the below function
function login($parameters) {
$main = new Main();
$log = $main->login($parameters["username"], $parameters["password"]);
if($log != false){
$_SESSION['usertype'] = $res->usertype;
print_r($_SESSION);
}
return $log;
}
Try changing $res to $log in the second method. $res is the variable name you use in the first method, but is out of scope in the second method. However you assign the response of the first method (ie. $res) to $log in the second method.
function login($parameters) {
$main = new Main();
$log = $main->login($parameters["username"], $parameters["password"]);
if($log != false){
$_SESSION['usertype'] = $log->usertype;
print_r($_SESSION);
}
return $log;
}
Below is the function I am using. It is strange because when I test the name "admin" it returns an associative array with all the correct columns and values, however every other name tests returns 0 as far as I can tell, meaning nothing is found from the query (I am entering the names perfectly as they are in the database).
I have a feeling this could be some sort of security feature of pdo or something but I don't understand why it is acting up this way.
I am using mysql.
Does anyone know the problem and how to resolve it? Thank you!
function getUserDetailsByName($name, $fields = "*")
{
$db = connect_db();
$query = "SELECT $fields FROM UserDetails WHERE userName=:username";
$result = $db->prepare($query);
$result->bindParam(":username", $name);
if (!($result->execute())) {
sendMessage (1,1,'Query failed',$query);
$db = null;
return;
}
if (!($result->fetch(PDO::FETCH_NUM) > 0)) {
$db = null;
return 0;
}else{
$result = $result->fetch();
$db = null;
return $result;
}
}
EDIT: Someone asked to post how I call the function.
$user = getUserDetailsByName($_POST['value']);
if($user == 0)
{
print "user = 0";
}
print_r($user);
function getUserDetailsByName($name, $fields = "*"){
$db = connect_db();
$query = "SELECT {$fields} FROM UserDetails WHERE userName = :username LIMIT 1;";
if(!$result = $db->prepare($query)){
return null;
}
$result->bindParam(":username", $name);
if(!$result->execute()) {
sendMessage (1,1,'Query failed',$query);
return null;
}
if(!$user = $result->fetch(PDO::FETCH_NUM)) {
return false;
}
return $user;
}
Why 2 fetches? Checkout and compare this to your code.
Use like this:
if($user = getUserDetailsByName($_POST['value'])){
// we have a user!
}else{
// we don't have a user!
}
hello i have problems while using crypt function. i would like to check passwords from a database and an entered one.
the problem i have is that when i will enter a password it even will redirect even in case when it is a totally different password? this is strange to me.
so i use this function:
function salt_crypt($login_password, $rounds = 7) {
$salt = "";
$salt_chars = array_merge(range('A','Z'), range('a','z'), range(0,9)); for($i=0; $i < 22; $i++) {
$salt .= $salt_chars[array_rand($salt_chars)];
}
return crypt($login_password, sprintf('$2a$%02d$', $rounds) . $salt);
i will get the stored password from a function that returns an array:
function ab($a){
global $db;
$query = $db->query("SELECT col_a, col_b FROM table WHERE Field= '$a' ");
$check = $query->fetch_assoc();
return ($check);
}
and this will be used in this function:
function login($a, $login_password){
$user_data = user_data($a);
global $db;
$uname = sanitize($uname);
$crypted_password = salt_crypt($login_password);
if(crypt($user_data['col_b'], $crypted_password) == $crypted_password) {
$query = $db->query("SELECT col_a FROM table WHERE Field_a= '$a' AND Field_b = '$crypted_password' ");
$check = $query->num_rows;
return ($check == 1) ? true : false;
}
}
this function wil be called and in case of the returning result header with:
$login = login($a, $login_password);
if ($login === false){
$errors[] = "text";
} else {
header('Location: page.php');
}
Not all code paths return a value -> your function will return true, even if the if statement is false. Try it with something like this:
function login($a, $login_password){
//All your stuff
if(crypt($user_data['col_b'], $crypted_password) == $crypted_password) {
//Your stuff
}
return false
}
In following code I have upgraded function from MYSQL into MYSQLI, I got some help in my previous posts and they said what should be done.. but now comes the question how to do it..
The thing is to set id before return, otherwise I still will be receiving user ID = 1 no matter on which account I login.
function user_id_from_username($username) {
$username = sanitize($username);
global $db_connect;
$result = $db_connect->query("SELECT(id) FROM members WHERE username = '$username'");
if (false === $result) {
return false;
}
return ($result->num_rows == 1) ? id : false;
I tried to do as in my old MYSQL code, but then it gives error.
My old code:
function user_id_from_username($username){
$username = sanitize ($username);
return mysql_result(mysql_query("SELECT(id) FROM members WHERE username = '$username'"), 0, 'id');
}
I would be grateful for any help!
I didn't try it out but this should work right?
I also put $db_connect as parameter because its safer but it's up to you.
function user_id_from_username($username) {
$username = sanitize($username);
global $db_connect;
$result = $db_connect->query("SELECT id FROM members WHERE username = '".$db_connect->real_escape_string($username)."'");
if (!$result) {
return false;
}
if($result->num_rows == 1){
$row = $result->fetch_assoc();
$output = $row['id'];
}
else{
$output = "Username does not exist in table or is a duplicate.";
}
return $output;
}
Did you try fetch_array or mysqli_fetch_array?
$row = $result->fetch_array(MYSQLI_ASSOC);
// or
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
// and returning
return $row['id'] ? $row['id'] : false;
return ($result->num_rows == 1) ? id : false;
should be
if(mysqli_num_rows($result) ===1 ){
$row = mysqli_fetch_assoc($result);
return intval($row['id']);
}
return false;