Privilege check not working

Locutus

<?
if($USER["privilege"] == '4'){ 
die(test);
}else{
require("link.php");
}
?>

For some strange reason this does not work.

What I am trying to do here:

Users with privilege 4 get a message (the die(); ) and users that have another privilege or that are not logged in (no privilege) get acces to link.php

Please help me 🙂

This is a picture of the structure

stolzyboy

can we see your query and how you are grabbing the results?

Locutus

Ehm, okay, i am not able to make such a query:

If i want to make 1 independent file, it would be something like this:

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

if($USER["privilege"] == '4'){ 
die(test);
}else{
require("link.php");
}
?>

I think that the only thing this script is missing is the query to get all the results out of the database. What must I add, how does the query look like? 🙂

Thanks in advance

Cool sig btw 😉

stolzyboy

ok, well you need to get the results somehow from the database, i am working on the assumption that you are using a form to tell what user the privilege is for, so here goes, there may be parse errors, but the logic is there, couldn't test for parse errors

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = "select * from user where name = '$_POST['name']' and password = (password($_POST['password']);"; // use whatever decrypter you used to originally encrypt the password
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
}
if($privilege == "4")
{
// do whatever you want if there priv is 4
}
else
{
include 'link.php'; // when priv does not equal 4
}
?>

Locutus

Thx, it worked after i adepted the query a bit 🙂

Only one problem over. When a user is not logged in, you get the same message if when a user has privilege 4. So a person with privilege 4 gets a message, all other users get the page (that are logged in!!) but the users that are not logged in get the same message as users with privilege 4 🙁

stolzyboy

all you should have to do is wherever you are checking for login, do some if condition there and don't worry about the privilege unless they are logged in

Locutus

K, then i made this

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = (" SELECT * FROM `user` WHERE `name` = '".mysql_escape_string($_POST['username'])."' AND `password` = (PASSWORD('".mysql_escape_string($_POST['password'])."')) ");
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
}
if($privilege != "4")
{
include("main2.php");
}
else
{
die(test);
}
?>

Can you maybe give a try because this is not working 🙁 Every privilege gets acces to main2.php and privilege 4 should get die();

This is is inlog user.php

<?
require("main.php");

if($action == 'log'){

if($SESSION["loggedin"] == 'Y'){
	$sql->query("UPDATE session SET loggedin='N', member='N', hide='N', user='0' WHERE sessid='{$HTTP_COOKIE_VARS["sessid"]}'");
	location("index.php");
	redirect(3);
} else {
	if(isset($username) AND isset($password)){
		$fpassword = md5($password);
		$query = $sql->query("SELECT user, password FROM user WHERE name='$username'");
		print ($sql->num_rows($query) == 0) ? error(4) : NULL;
		extract($sql->fetch_assoc($query));
		if ($fpassword == $password){
			//$sql->query("DELETE FROM session WHERE user='$user'");
			//$sql->query("UPDATE session SET loggedin='N', member='N', hide='N', user='0' WHERE user='$user'");
			$sql->query("UPDATE session SET loggedin='Y', member='Y', hide='N', user='$user' WHERE sessid='{$HTTP_COOKIE_VARS["sessid"]}'");

			if(empty($location)){
				location("index.php");
			}else{
				if(eregi("-", $location)){
					$location = explode("-", $location);
					$quote = $location[1];
					$location = $location[0];
					location(base64_decode($location)."&quote=$quote");
				} else {
					location(base64_decode($location));
				}

			}

			redirect(7);
		}else{
			error(47);
		}
	} else {
		//setcookie("sessid", NULL, time()-1);
		template("login");
		$hf->parseout("main.header1");
		if(!empty($location)) $xtpl->parse("main.required");
		$xtpl->parseout("main", array('location'=>$location));
		$hf->parseout("main.nav_post_off_reply_off");
		$hf->parseout("main.footer");
	}
}
}

?>

stolzyboy

have you echoed out $privilege to ensure that it is coming through correctly, if so are you getting any errors anywhere, again, try using mysql_error() when running queries as it will give you better errors when trying to track down problems, usuall something like this means that you aren't getting results from the query, or the results you want

Locutus

I understand what you mean but I am not able to alter the script that I would get the myql error or echo the privilege. I am just starting php and I am suprised I got this far:rolleyes:

stolzyboy

you can't edit this part to see about a mysql error, if not, tell whomever is having you do this that it is a little hard to program if they won't let you touch the code

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = (" SELECT * FROM `user` WHERE `name` = '".mysql_escape_string($_POST['username'])."' AND `password` = (PASSWORD('".mysql_escape_string($_POST['password'])."')) ");
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
}
if($privilege != "4")
{
include("main2.php");
}
else
{
die(test);
}
?>

Locutus

Haha, no, sorry, you got my wrong.

I can change the code when ever i want, but i am can not make the changes that you sugested (don't know how). That is the problem

I was a bit proud of myself that i got this far, because I have 0,1 experience with php🙂

stolzyboy

before your if statement checking for privilege of 4, simply write this

echo $privilige;

that will tell you whether or not you are getting the expected value out of there

Locutus

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = (" SELECT * FROM `user` WHERE `name` = '".mysql_escape_string($_POST['username'])."' AND `password` = (PASSWORD('".mysql_escape_string($_POST['password'])."')) ");
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
echo $privilige; 
}
if($privilege != "4")
{
include("main2.php");
}
else
{
die(test);
}
?>

You mean like this? Goes directly to main2.php en displays no privilege 🙁

Thx for helpen out🙂

DisOrDeR1337

Just outta curosity, what site is this for?

Aaron

stolzyboy

well then that means that $privilige was not equal to 4, from your results, so is it working now

Locutus

DisOrDeR1337: For a clan website.
stolzyboy: But i thougt it ment that the query was wrong and was unable to get the privilege out of the database.

And when the privilege is 4 from a user, you stil get acces to main2.php and that should not happen

stolzyboy

ok you are wanting to get privilige associated from a user in a table called user

username - privilige //in a table and its values are
me - 3 //then another with
you - 4

you want the user "you" to get access to main2.php, and the user "me" to get the die message?

Locutus

This is what i am trying to make:

You have a website:

To thing can happen:

A guest (not registerd) visites the website. He should get acces to main2.php and not checked on privilege
A user (registerd and logged in) should be checked on privlige. Again 2 things can happen:
Privilege is 4. Then he should NOT get acces to main2.php and get a die(); error
If privilge is not 4, so 1,2,3,5,6, etc, they should get acces to main2.php

Because A guest has no privilege (not registerd), i did

if($privilege != "4")
{
include("main2.php");

That means, anything else then 4 get main2.php Guest that have no privilige, then get main2.php

This is what i am trying to do. But now the problem. Privilege check goes wrong, i think the query is wrong. Everybody have acces to main2.php and users with privilege 4 can thus acces the file.

The data for so far

Picture of database: http://home.wxs.nl/~terps407/tabel.JPG

the file that shoot check the acces:

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = (" SELECT * FROM `user` WHERE `name` = '".mysql_escape_string($_POST['username'])."' AND `password` = (PASSWORD('".mysql_escape_string($_POST['password'])."')) ");
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
}
if($privilege != "4")
{
include("main2.php");
}
else
{
die(test);
}
?>

And finaly the user.php (this is the file wich user use the log in or out. Here you can see how password etc is stored and this information could be needer for the query

<?
require("main.php");

if($action == 'log'){

if($SESSION["loggedin"] == 'Y'){
    $sql->query("UPDATE session SET loggedin='N', member='N', hide='N', user='0' WHERE sessid='{$HTTP_COOKIE_VARS["sessid"]}'");
    location("index.php");
    redirect(3);
} else {
    if(isset($username) AND isset($password)){
        $fpassword = md5($password);
        $query = $sql->query("SELECT user, password FROM user WHERE name='$username'");
        print ($sql->num_rows($query) == 0) ? error(4) : NULL;
        extract($sql->fetch_assoc($query));
        if ($fpassword == $password){
            //$sql->query("DELETE FROM session WHERE user='$user'");
            //$sql->query("UPDATE session SET loggedin='N', member='N', hide='N', user='0' WHERE user='$user'");
            $sql->query("UPDATE session SET loggedin='Y', member='Y', hide='N', user='$user' WHERE sessid='{$HTTP_COOKIE_VARS["sessid"]}'");

            if(empty($location)){
                location("index.php");
            }else{
                if(eregi("-", $location)){
                    $location = explode("-", $location);
                    $quote = $location[1];
                    $location = $location[0];
                    location(base64_decode($location)."&quote=$quote");
                } else {
                    location(base64_decode($location));
                }

            }

            redirect(7);
        }else{
            error(47);
        }
    } else {
        //setcookie("sessid", NULL, time()-1);
        template("login");
        $hf->parseout("main.header1");
        if(!empty($location)) $xtpl->parse("main.required");
        $xtpl->parseout("main", array('location'=>$location));
        $hf->parseout("main.nav_post_off_reply_off");
        $hf->parseout("main.footer");
    }
}
}

?>

A lot of lines, thx for trying 😉

stolzyboy

hmmm...well then echo out the query like

echo $query;

and see if you get anything from that and so it doesn't just jump to main.php, echo out the if stuff to trouble shoot til you get what you really want from the privilige variable

Locutus

<?
mysql_connect("localhost","root","");
mysql_select_db("at");

$query = (" SELECT * FROM `user` WHERE `name` = '".mysql_escape_string($_POST['username'])."' AND `password` = (PASSWORD('".mysql_escape_string($_POST['password'])."')) ");
$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
{
$privilege = $row['privilege'];
echo $privilige; 
echo $query; 
}
?>

Like this? Gives nothing (blanc screen) so I think the query to get the privilege from the user that is logged in is wrong, but I don't know whats wrong about it