Need help with a login script.

Richardtagger

I have a little problem with the login scripts, It works so far as tho it rejects bad passwords, accepts good ones, sets the session variables etc. But if you put a wrong password in you get the SQl error cannont jump to row 0 etc. How can i get rid of that? The biggest problem is. You can type a username that doesnt exit and any password and it will go welcome "asdaddasa or whatever you typed" its ok for the ones that exist in the db, but it lets anyone login atm. COuld i have some help plz? thanx i think the could needs a total redesign but i have no idea where to go from or what to do. Thanx guys.


<?
/* Check User Script */
session_start();  // Start Session

include 'db.php';
$nomatch = '';
$enterall = '';
$fail = 0;
$fail1 = 0;
$login_check =0;
// Conver to simple variables
$username = $_POST['username'];
$password = $_POST['password'];

if((!$username) || (!$password)){
	$fail = 1;
	$enterall = '<font face="Tahoma"><font color="#FF0000"><strong>Please enter all of the information!<br />';
	include 'login_form.php';
	exit();
}


// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);

$userid = mysql_result($sql,0,"userid");

if($login_check > 0){
	$first_name =mysql_result($sql,0,"first_name");
	$last_name =mysql_result($sql,0,"last_name");
	$email_address =mysql_result($sql,0,"email_address");
	$user_level =mysql_result($sql,0,"user_level");
	$username =mysql_result($sql,0,"username");

	// Register some session variables!
	$_SESSION['first_name'] = $first_name;
	$_SESSION['last_name'] = $last_name;
	$_SESSION['email_address'] = $email_address;
	$_SESSION['user_level'] = $user_level;
	$_SESSION['logged_in'] = 1;
	$_SESSION['username'] = $username;
	$_SESSION['password'] = $password;

	mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
	include 'memberarea.php';
}
else {
$fail1 = 1;
$nomatch = '<font face="Tahoma"><font color="#FF0000"><strong>You could not be logged in. Either the username and password do not match or you have not validated your membership. Please try again.';
include 'login_form.php';
}
?>

planetsim

OK a few things to comment about

SESSIONS, never store information such as passwords, credit cards or anything like that in a session. You have stored the password. This also goes for Cookies as well..

No encrypted password or hashed. Your storing your passwords as raw text meaning there is no checking error checking other than the fact its been checked by the database. Try using md5() to hash the password so it cannot be easily cracked.

Error Checking you have an SQL Injection attack waiting. Before any data goes into a database or anywhere really the data must be validated. Id check using addslashes(), htmlentites(). You may want to search on other methods how people check data.

One more thing use <?php instead of <? when you want to start using XML with PHP your going to end up with problems also some hosts have short_tags off.

$login_check = mysql_num_rows($sql);

$userid = mysql_result($sql,0,"userid");

if($login_check > 0){

Why not make it easy on yourself and PHP

if (($check=mysql_num_rows($sql))=="1") {
  $userid = mysql_result($sql,0,"userid"); //you called this before there was actually a result.
}

Also instead of using mysql_result all the time why not use mysql_fetch_array it will probably speed the script up slightly as your not calling MySQL all the time.