I basically took in 3 pieces of data from a form, and before processing them, I just wanted to make sure that all fields were filled in. So the focus of this is the second to last IF statement, checking if the different variables are empty. It seems to only be working for the first variable and I can't figure out how to make it apply to all of them.
<?php
include ("account.php") ;
include ("connect.php") ;
$isdone = FALSE;
$un = $_REQUEST [ "un"] ;
$pw = $_REQUEST [ "pw"] ;
$data = mysql_query("SELECT * FROM `auth` WHERE username = '$un'") or die(mysql_error());
$info = mysql_fetch_array($data);
$info['username'];
$password = $info['pw'];
session_start();
if(trim($un) != '' && trim($pw) != '' && $password == $pw)
{
$_SESSION['uze']=$un;
include "problem.html";
}
elseif( !isset($_POST['submit1']) && $isdone == FALSE)
{
echo "wrong password";
}
$selected = $_REQUEST [ "type"] ;
if($selected == 'afs')
{
$typeinc = 'afs';
}
else if($selected == 'db')
{
$typeinc = 'database';
}
else if($selected == 'cs')
{
$typeinc = 'computer systems';
}
else if($selected == 'pw')
{
$typeinc = 'password';
}
else if($selected == 'hw')
{
$typeinc = 'hardware';
}
else if($selected == 'other')
{
$typeinc = 'other';
}
$text = $_REQUEST ["inc"];
$selected2 = $_REQUEST ["yesno"];
if($selected2 == 'yes')
{
$email = 'yes';
}
else
{
$email = 'no';
}
if(isset($_POST['submit1']))
{
if(empty($typeinc) || empty($text) || empty($email))
{
print( 'You have not filled in all fields, click to sign in and re-enter' );
}
}
else{
mysql_query("INSERT INTO `swp5_proj`. `inci` (`type`, `date`, `time`, `reporter`, `desc`) VALUES ('$typeinc', CURDATE(), CURTIME(), '".$_SESSION['uze']."', '$text');") or die(mysql_error());
mysql_query("DELETE FROM inci WHERE type = ' '");
$isdone = TRUE;
}
if(isset($_POST['submit1']) && $isdone == TRUE)
{
echo "session over";
}
?>
Make sure you clean your REQUEST variables before you put them in a MySQL query.
if((trim($un) !== '') && (trim($pw) !== '') && ($password == $pw))
You're setting $email to yes or no in the line just above.
In your if statement you are using the shortcut OR operator.... As soon as a single statement evaluates to true, the entire statement evaluates to true and there is no need to continue processing further.
Related
i change the server from php 5.2 to php 7.3 & from centos 6 to centos 7.3 , i use also smarty
when i upgrade the host the code not working
i cant login to admin dashboard
its give error " Invalid username/password entered. "
can any please help
if ($_SESSION['ADMINID'] != "" && $_SESSION['ADMINUSERNAME'] != "" && $_SESSION['ADMINPASSWORD'] != "")
{
$redirect = $config['adminurl']."/home.php";
header("location: $redirect");
}
else
{
if($_POST['login']!="")
{
$adminusername = cleanit($_POST['username']);
$adminpassword = cleanit($_POST['password']);
if ($adminusername == "")
{
$error = "Error: Username not entered.";
}
elseif ($adminpassword == "")
{
$error = "Error: Password not entered.";
}
else
{
$encodedadminpassword = md5($adminpassword);
$query="SELECT * FROM administrators WHERE username='".mysqli_real_escape_string($adminusername)."' AND password='".mysqli_real_escape_string($encodedadminpassword)."'";
$executequery=$conn->execute($query);
$getid = $executequery->fields['ADMINID'];
$getusername = $executequery->fields['username'];
$getpassword = $executequery->fields['password'];
if (is_numeric($getid) && $getusername != "" && $getpassword != "" && $getusername == $adminusername && $getpassword == $encodedadminpassword)
{
$_SESSION['ADMINID'] = $getid;
$_SESSION['ADMINUSERNAME'] = $getusername;
$_SESSION['ADMINPASSWORD'] = $encodedadminpassword;
$redirect = $config['adminurl']."/home.php";
header("location: $redirect");
}
else
{
$error = "Invalid username/password entered.";
}
}
}
STemplate::assign('message',$message);
STemplate::assign('error',$error);
STemplate::display('administrator/index.tpl');
}
problem in below
$encodedadminpassword = md5($adminpassword);
$query="SELECT * FROM administrators WHERE username='".mysqli_real_escape_string($adminusername)."' AND password='".mysqli_real_escape_string($encodedadminpassword)."'";
$executequery=$conn->execute($query);
$getid = $executequery->fields['ADMINID'];
$getusername = $executequery->fields['username'];
$getpassword = $executequery->fields['password'];
I'm making Ajax login form, for 2d security (mobile/mail), and this script is so slow what I made.
After 2 sec it echo 1, on mobile on and fsocietyF on, I need more faster then it, if anyone want think near me.
For more text..
session_start();
include('admin/phppath/d.php');
if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
if(#isset($_SERVER['HTTP_REFERER']))
{
if($_POST['token'] == $_SESSION['token2']) {
$email = $_POST['email'];
$password = $_POST['password'];
$q = "SELECT * FROM `signup9501` WHERE email = '$email'";
$r = mysqli_query($c,$q);
$row = mysqli_fetch_array($r);
$securityF = $row['securityF'];
$onoff = $row['onoff'];
if($onoff == 'mobile' && $securityF == 'on'){
echo 1;
}else if($onoff == 'email' && $securityF == 'on'){
echo 1;
}
$rowpassword = $row['password'];
$blocked = $row['blocked'];
if (password_verify("$password", $rowpassword) && $blocked != '1') {
$usrid = $row['id'];
$usernum = $row['phone'];
if($onoff == 'off' && $securityF == 'off' || $onoff == 'on' && $securityF == 'on'){
$_SESSION['email'] = $email;
echo 3;
}else if($onoff == 'email' && $securityF == 'on'){
$code = rand(1111,9999);
$upq = "UPDATE `signup9501` SET `emailcode` = '$code' WHERE `signup9501`.`id` = $usrid";
$upr = mysqli_query($c,$upq);
if($upr){
echo 1;
$_SESSION['path'] = $email;
mail("$email", 'Welcome.io 2D security', "Code: $code", null, '-fsupport#prado.io');
}else{
echo 0;
}
}else if($onoff == 'mobile' && $securityF == 'on') {
$code = rand(1111,9999);
$upq = "UPDATE `signup9501` SET `smscode` = '$code' WHERE `signup9501`.`id` = $usrid";
$upr = mysqli_query($c,$upq);
if($upr){
include ( "admin/eng/src/NexmoMessage.php" );
$nexmo_sms = new NexmoMessage('3241fdsg', '5431gdsgs1243252');
$info = $nexmo_sms->sendText( "$usernum", "Prado.io", "SMS Code: $code");
$_SESSION['path'] = $email;
}else{
echo 0;
}
}
} else {
echo 5;
}
}
else {
header('Location: http://prado.io/admin/eng/logout.php');
}
}
else {
header('Location: http://prado.io/admin/eng/logout.php');
}
}
else {
header('Location: http://prado.io/admin/eng/logout.php');
}
my problem is in my add-post page when i submit redirect isnt done and header()seems doesnt work
public function insert($query){
$insertRecord = $this->link->query($query) or die($this->link->error.__LINE__);
if($insertRecord){
header("Location:admin/index.php?msg=".urlencode('Record Added'));
exit();
} else {
die("Error : (".$this->link->errno.')'.$this->link->error);
}
}
if($title == "" || $body == "" || $category == "" || $author == ""){
$error = "please fill all required fields";
} else {
$query = "insert into posts(category,title,body,author,tags) values ('$category','$title','$body','$author','$tags')";
$insertRecord = $db->insert($query);
}
header('Location: admin/index.php?msg='.urlencode('Record Added'));
I created a registration and a login script which hash the password with salt exactly the same way, however when the user attempts to login using their password, the hashed login password and the one stored in the database differ, it was working a couple of days ago and I haven't changed anything in the login and registration scripts.
Here is what the stored credentials are
DBEMAIL: jd#gmail.com
DBPASSWORD:
addb18f27b6970082727069aa5853116223c5ab46f46a7b07340757804670aef61311ff0254ec45ea78d9ea6d8afb2cefdf3afd6bd4947f6fc558f46703fac1c
Here is what the User inserted credentials are:
UEMAIL: jd#gmail.com
UPASSWORD: 4123363f30664825356a238fe7a568910315e6f6aa8a57d0264844c641e856ab207200f4c75a532b2ebecdbd062bff31da101d973ab0f83eaefd2323a39a4a88
They are hashed using:
$salt = "salinger";
$hashed = hash_hmac("sha512", $password, $salt);
The full registration function (it's messy I know but it works (until now):
function registerUser($firstname, $surname, $email, $password, $secretQ, $secretA, $address, $city, $postcode) {
$flag = array();
$validEmail = validateEmail($email);
if (($validEmail) == true) {
//Do not flag
} else {
array_push($flag, 1);
}
if ((textOnly("First name", $firstname) == true) || ((textOnly("Surname", $surname)) == true) || ((textOnly("City", $city)) == true)) {
array_push($flag, 1);
}
if ((emptyField($firstname)) || (emptyField($surname)) || (emptyField($email)) || (emptyField($password)) || (emptyField($secretA)) || (emptyField($address)) || (emptyField($city)) || (emptyField($postcode))) {
array_push($flag, 1);
}
if (validPostcode($postcode) == false) {
array_push($flag, 1);
}
if (duplicateEmail($email) == true) {
array_push($flag, 1);
}
if (validatePassword($password) == false) {
array_push($flag, 1);
} else {
$password = validatePassword($password);
}
switch ($secretQ) {
case 1:
$secretQ = "Your mothers maiden name?";
break;
case 2:
$secretQ = "Name of your first pet?";
break;
case 3:
$secretQ = "The name of your high school?";
break;
case 4:
$secretQ = "Your favourite instrument?";
break;
}
$salt = "salinger";
$hashed = hash_hmac("sha512", $password, $salt);
if (!empty($flag)) {
echo "There are errors with your registration, go back and ammend it. <br /> << Back";
} else {
if ((isset($firstname)) && (isset($surname)) && (isset($email)) && (isset($password)) && (isset($secretQ)) && (isset($secretA)) && (isset($address)) && (isset($city)) && (isset($postcode))) {
$sql = "INSERT INTO customer (forename, surname, email, password, secretQ, secretA, address_street, address_city, address_postcode, member_type) VALUES ('$firstname', '$surname', '$email', '$hashed', '$secretQ', '$secretA', '$address', '$city', '$postcode', 'User');";
header("Location: index.php");
} else {
array_push($flag, 1);
}
}
$result = mysql_query($sql);
if (!$result) {
die(mysql_error());
}
}
The login function:
function loginUser($email, $password) {
if (validateEmail($email) == true) {
$sql = "SELECT customerid, forename, email, password, secretA, member_type FROM customer WHERE email = '$email'";
$result = mysql_query($sql);
while ($record = mysql_fetch_array($result)) {
$DBid = $record['customerid'];
$DBemail = $record['email'];
$DBpassword = $record['password'];
$DBforename = $record['forename'];
$DBsecretA = $record['secretA'];
$DBmember = $record['member_type'];
}
if (!$result) {
die(mysql_error());
}
$salt = "salinger";
$hashed = hash_hmac("sha512", $password, $salt);
echo "DBEMAIL: $DBemail DBPASSWORD: $DBpassword <br/>";
echo "UEMAIL: $email UPASSWORD: $hashed <br/>";
if (($email == $DBemail) && ($hashed == $DBpassword)) {
$match = true;
} else {
$match = false;
}
if ($match == true) {
session_start();
$_SESSION['userid'] = $DBid;
$_SESSION['Active'] = true;
$_SESSION['forename'] = $DBforename;
$_SESSION['type'] = $DBmember;
header("Location: member.php");
} else {
echo "Incorrect credentials.";
}
} else {
echo "Invalid email address!";
}
return true;
}
In registerUser, I'd take a closer look at this:
...
if (validatePassword($password) == false) {
array_push($flag, 1);
} else {
$password = validatePassword($password);
}
...
$password will be overwritten, it appears, if it is a valid password. If all the passwords are the same in the database, then it's likely that $password is being set to true, and that's the value that's salted. Depending on how you use validatePassword, you may be able to remove the else-clause, leaving this:
...
if (validatePassword($password) == false) {
array_push($flag, 1);
}
...
What is the wrong in my code. it's say... (1) Username required (2) Password is not correct if i click Log in button without username and password, but it' should be show All filed required.
<?php
if(isset($_POST['action']) && isset($_POST['action']) == "Sign in")
{
include("../secure/content/database/db.php");
$uname = mysql_real_escape_string(trim($_POST['uname']));
$pass = md5(mysql_real_escape_string(trim($_POST['pass'])));
/// check user name
$sql = mysql_query("SELECT uname FROM members WHERE uname = '$uname'");
$num_u = mysql_num_rows($sql);
// check user password
$sql2 = mysql_query("SELECT pass FROM members WHERE pass = '$pass'");
$num_p = mysql_num_rows($sql2);
$err = array();
if(isset($uname) && isset($pass))
{
if( empty($uname) && empty($pass))
{
$err[] = "All field required";
}
else
{
if(empty($uname))
{
$err[] = "Username required";
}
else
{
if($num_u == 0) $err[] = "Username is not correct";
}
if(empty($pass))
{
$err[] = "Password required";
}
else
{
if($num_p == 0)
$err[] = "Password is not correct";
}
}
if(!empty($err))
{
foreach($err as $er)
{
echo "<font color=red>$er</font><br>";
}
}
else
{
include("content/include/newsession.php");
$tm = date("Y-m-d H:i:s");
$ip = $_SERVER['REMOTE_ADDR'];
$rt = mysql_query("insert into plus_user_login(id,uname,ip,tm, status, tm_out) values ('$_SESSION[id]','$_SESSION[uname]','$ip','$tm', 'ON', '')");
echo mysql_error();
print "<script>";
print " self.location='content/index.php';";
print "</script>";
}
}
}
Any idea or Solution..
On this line:
$pass = md5(mysql_real_escape_string(trim($_POST['pass'])));
You are calling md5() which will always return a value, even if $_POST['pass'] was empty. So empty($pass) will never be true.
The md5() sum of an empty string or NULL does not result in an empty value, so you always have a value in $pass, even if $_POST['pass'] was empty.
// Never empty
$pass = md5(mysql_real_escape_string(trim($_POST['pass'])));
// Because:
var_dump(md5(""));
string(32) "d41d8cd98f00b204e9800998ecf8427e"
When you check for the presence of $uname & $pass, use the $_POST values instead:
// instead of
if( empty($uname) && empty($pass))
// do
if(empty($uname) && empty($_POST['pass']))
please remove this md5 from following line, md5 create a string if pass is empty.
md5(mysql_real_escape_string(trim($_POST['pass'])));
use this.
mysql_real_escape_string(trim($_POST['pass']));
use md5 in another.
Your are running into this problem because empty strings are hashable see this.
Change
if(isset($uname) && isset($pass))
to
if(isset($uname) && isset($_POST['pass']))