Help with Login Script

adavis

I have a school website which has an admin area that is controlled by username and password (encrypted). Access to this area is only for teachers and staff AND within the admin area, I am controlling which pages a user can update dependant on info in my database for each user. I want the user to log in every time they need to update a page. I am using sessions and want the session to end when they close the brower, but stay active until that time, jumping between pages.

All this is working great, BUT, I set everyone's password to the same thing for testing purposes. Now, I am ready for production, so everyone needs to change their password. When the user logs in, I want to check and see if their password in the test password. If it is, then I want to bounce them to a page where they have to enter their new password. I also want to provide a link where they can change their password as well.

I keep getting hung up in a loop that throws me back to the login page when. So, it's this process, login page, change password page, login page, change password page, over and over. Below is the working code. I've thrown the old code out:

Login Script:

<?PHP 
include "connectdb.php";
$_POST['user'] = addslashes($_POST['user']);     // Add slashes to the username,
$pass = crypt($_POST['pass'], $salt);     // and make a crypt of the password.
$sql = "SELECT * FROM users WHERE password='".$pass."' AND username='".$_POST['user']."'";
$result = mysql_query($sql,$dblink) || die("Couldn't query the user-database.");
$num = 0;
while ($row = mysql_fetch_array($result)) {
  $num++;
  $userIN = $row['username'];
  $nameIN = $row['firstname']." ".$row['lastname'];
  $adminIN = $row['admin'];
  $memoIN = $row['memo'];
  $sportsIN = $row['sports'];
  $lunchIN = $row['lunch'];
}
$section = "User Login";
$sportOK = explode(",", $sportsIN);
include "browser.php";
if (!$num) {                      // When the query didn't return anything, display the login form.
  if ($Browser == "ns") { 
    $size1 = "15";
    $FieldsetO = "<table border='1' cellpadding='0' cellspacing='0'><tr><td align='center'>";
    $FieldsetC = "</td></tr></table>";
    $LegendMO  = "<span class='txtMR'>";
    $LegendBO  = "<span class='txtBL'>";
    $LegendC   = "</span>";
  } else { 
    $size1 = "20"; 
    $FieldsetO = "<fieldset>";
    $FieldsetC = "</fieldset>";
    $LegendMO  = "<legend class='txtMR'>";
    $LegendBO  = "<legend class='txtBL'>";
    $LegendC   = "</legend>";
  }
  include "headerA.inc";
  echo "<!-- beginning of page content -->\n";
  echo "<div align='center'>\n";
  echo "<table border='0' cellpadding='0' cellspacing='0'><tr><td align='center'>\n";
  echo "<form action='".$_SERVER[PHP_SELF]."' method='post'>\n";
  echo $FieldsetO."\n";
  echo $LegendBO."Sign In".$LegendC."\n";
  echo "   <table border='0' cellpadding='5' cellspacing='0' width='100%'>\n";
  echo "    <tr>\n";
  echo "     <td class='txtR'>Username: </td>\n";
  echo "     <td><input type='Text' name='user' size='".$size1."'></td>\n";
  echo "  </tr>\n";
  echo "    <tr>\n";
  echo "     <td class='txtR'>Password: </td>\n";
  echo "     <td><input type='Password' name='pass' size='".$size1."'></td>\n";
  echo "    </tr>\n";
  echo "   </table>\n";
  echo $FieldsetC."\n";
  echo "<br>\n";
  echo "<div align='center'>\n";
  echo " <input type='Reset'>&nbsp;\n";
  echo " <input type='Submit' name='submit' value='Log In'>\n";
  echo "</div>\n";
  echo "</form>\n";
  echo "</td></tr></table>\n";
  echo "</div>\n";
  echo "<!-- end of page content -->\n";
  include "footerA.inc";
} else {
  session_start();                                      // Start the login session
  $_SESSION['user'] = $_POST['user'];
  $_SESSION['pass'] = crypt($_POST['pass'], $salt);
  include "headerA.inc";
  include "selections.php";
  include "footerA.inc";
}
mysql_close ($dblink);
?>

Top of each admin page

<?PHP
session_start();                            // Start the login session
if (!$_SESSION['user'] || !$_SESSION['pass']) {     // If the use has not logged in yet
  header('Location: index.php');    // redirect to the login page
  die();                                           // and die
} else {        // If the session variables exist, check to see if the user has access.
  include "connectdb.inc";
  $num = 0;
  $locksql = "LOCK TABLES users READ";
  $lockreq = mysql_query($locksql) || die("ERROR: Query failed:<br>$locksql\n");
  $sql = "SELECT * FROM MA_users WHERE password='".$_SESSION['pass']."' AND username='".$_SESSION['user']."' LIMIT 1";
  $result = mysql_query($sql,$dblink) or die("Couldn't query the user-database.");
  while ($row = mysql_fetch_array($result)) {
    $num++;
    $userIN = $row['username'];
    $nameIN = $row['firstname']." ".$row['lastname'];
    $adminIN = $row['admin'];
    $memoIN = $row['memo'];
    $sportsIN = $row['sports'];
    $lunchIN = $row['lunch'];
  }
  $locksql = "UNLOCK TABLES";
  $lockreq = mysql_query($locksql) || die("ERROR: Query failed:<br>$locksql\n");

  if (!$num) {    // If the credentials didn't match, redirect the user to the login screen.
    header('Location: index.php');
    mysql_close ($dblink);
    die();
  }
}
mysql_close ($dblink);
$user = $_SESSION['user'];
.
.
.

Any help or advice would be greatly appreciated. I'm starting to see double on this 🙂

ScubaDvr2

I'm not 100% sure this will work. I didn't look at the other parts of the code, but << username='$_POST['user']' >>

you have a pair of single quotations inside the username. If I'm not mistaken, wouldn't that cut the username at $_POST[? I'm not sure..

Originally posted by adavis

$sql = "SELECT * FROM users WHERE password='$pass' AND username='$_POST['user']'";

adavis

Sorry, I was trying to conserve space. The line is actually:

$sql = "SELECT * FROM users WHERE password='".$pass."' AND username='".$_POST['user']."'";

I went back and fixed the origional post, so the code is as it is in my working script. BTW, it works. Surprised me! 🙂

adavis

still looking for suggestion...