I've written this user auth script that I think sucks donkey D!#K. I need some help finding out what the problems are, as I get a "cannot send headers after output" error or something like that. Anyway, here's the code:

<?php
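// Logout request (?userpg=logout).
// The superglobals are $_GET / $_COOKIE / $_SERVER; without the underscore they are
// ordinary undefined variables and this branch never runs.
// setcookie() sends an HTTP header, so this script has to run before the including page
// has printed anything; otherwise PHP raises the "headers already sent" warning.
if ((isset($_GET['userpg'])) && ($_GET['userpg'] == "logout")){
	if (isset($_COOKIE['loggedin'])){
		// "page" comes from the query string: URL-encode it as a parameter value and
		// HTML-escape the finished URL before it is placed in the quoted href below.
		$bl_page = ((isset($_GET['page'])) && (is_string($_GET['page']))) ? $_GET['page'] : "";
		$themodulepage = $_SERVER['PHP_SELF']."?page=".urlencode($bl_page);
		// An empty value makes PHP send a deletion cookie for "loggedin".
		setcookie("loggedin", "", 0);
		$bodycontent = "You Have logged out sucessfully click <a href=\"".htmlspecialchars($themodulepage, ENT_QUOTES)."\">here</a> to continue";
	}
	// setcookie() does not change $_COOKIE during the current request, so this branch
	// only runs when the browser sent no "loggedin" cookie at all.
	if (!isset($_COOKIE['loggedin'])){
		$bodycontent = "You aint logged in dickhead";
	}
}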
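// A "loggedin" cookie was sent: check that an account file with that name exists.
// NOTE(security): the cookie holds nothing but the user name (it is set from the submitted
// user name after login/registration) and is not signed or tied to server-side state, so
// its value is chosen by the client. This check shows that such an account exists, not
// that this visitor proved the password; a server-side session set after the password
// check is the usual replacement.
if (isset($_COOKIE['loggedin'])){
	// The value is concatenated into a file path, so accept only a non-empty string with
	// no path separator or NUL byte; anything else is treated as "no such account".
	$bl_user = $_COOKIE['loggedin'];
	$bl_userok = is_string($bl_user) && ($bl_user !== "")
		&& (strpos($bl_user, "/") === false)
		&& (strpos($bl_user, "\\") === false)
		&& (strpos($bl_user, chr(0)) === false);
	$bl_known = $bl_userok && (
		file_exists("./auth/users/".$bl_user.".usr")
		|| file_exists("./auth/admins/".$bl_user.".usr")
		|| file_exists("./auth/godusers/".$bl_user.".usr")
	);
	if ($bl_known){
		// show the page contents
		// this is where authed = true comes into the equation maybe
	}
	if (!$bl_known){
		// Bugfix  For after registration process
		$bodycontent = " ";
	}
}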
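// Page requires the "admin" level ($pgauth is set by the including page, outside this
// script): the named account must have a file under admins/ or godusers/.
// NOTE(review): a refusal here only replaces $bodycontent; confirm that the including
// page prints nothing else of the protected page when that happens.
if ((isset($_COOKIE['loggedin'])) && ($pgauth == "admin")){
	// The cookie value becomes part of a file path. Without this check a value containing
	// a path separator could make the admins/ lookup resolve to a file in another role
	// directory, so only a plain name (no separator, no NUL byte) is looked up.
	$bl_user = $_COOKIE['loggedin'];
	$bl_userok = is_string($bl_user) && ($bl_user !== "")
		&& (strpos($bl_user, "/") === false)
		&& (strpos($bl_user, "\\") === false)
		&& (strpos($bl_user, chr(0)) === false);
	$bl_isadmin = $bl_userok && (
		file_exists("./auth/admins/".$bl_user.".usr")
		|| file_exists("./auth/godusers/".$bl_user.".usr")
	);
	if ($bl_isadmin){
		// show the page contents
		// this is where authed = true comes into the equation maybe
	}
	if (!$bl_isadmin){
		// PHP_SELF and QUERY_STRING are taken from the request, so the URL is
		// HTML-escaped before it is written into the href attribute.
		$bl_logout = htmlspecialchars($_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']."&userpg=logout", ENT_QUOTES);
		$bodycontent = "You Have Insufficient Privelages to access this Page Please <a href=\"".$bl_logout."\">LogOut</a> to Continue";
	}
}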
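// Page requires the "god" level ($pgauth is set by the including page, outside this
// script): the named account must have a file under godusers/.
// NOTE(review): a refusal here only replaces $bodycontent; confirm that the including
// page prints nothing else of the protected page when that happens.
if ((isset($_COOKIE['loggedin'])) && ($pgauth == "god")){
	// The cookie value becomes part of a file path: look up only a plain name
	// (non-empty string, no path separator, no NUL byte) so the check stays inside godusers/.
	$bl_user = $_COOKIE['loggedin'];
	$bl_userok = is_string($bl_user) && ($bl_user !== "")
		&& (strpos($bl_user, "/") === false)
		&& (strpos($bl_user, "\\") === false)
		&& (strpos($bl_user, chr(0)) === false);
	$bl_isgod = $bl_userok && file_exists("./auth/godusers/".$bl_user.".usr");
	if ($bl_isgod){
		// show the page contents
		// this is where authed = true comes into the equation maybe
	}
	if (!$bl_isgod){
		// PHP_SELF and QUERY_STRING are taken from the request, so the URL is
		// HTML-escaped before it is written into the href attribute.
		$bl_logout = htmlspecialchars($_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']."&userpg=logout", ENT_QUOTES);
		$bodycontent = "You Have Insufficient Privelages to access this Page Please <a href=\"".$bl_logout."\">LogOut</a> to Continue";
	}
}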
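// No "loggedin" cookie: show the login / registration forms and process their submissions.
// Every branch only fills $bodycontent (and may call setcookie()); nothing is printed here.
// setcookie() sends an HTTP header, so this script has to run before the including page
// produces any output, or PHP raises the "headers already sent" warning.
//
// NOTE(security): passwords are written to and compared against the .usr file as plain
// text. Storing password_hash() output and checking with password_verify() is the usual
// fix, but it changes the file format, so it is flagged here rather than changed.
// NOTE(security): the cookie set below contains only the user name and is not signed;
// a server-side session is the usual replacement.
if (!isset($_COOKIE['loggedin'])){
	// Request values used below, normalised once. Array-valued inputs count as "not sent".
	$bl_page = ((isset($_GET['page'])) && (is_string($_GET['page']))) ? $_GET['page'] : "";
	$bl_hasuser = (isset($_POST['bl-username'])) && (is_string($_POST['bl-username']));
	$bl_haspass = (isset($_POST['bl-password'])) && (is_string($_POST['bl-password']));
	$bl_postuser = $bl_hasuser ? $_POST['bl-username'] : "";
	$bl_postpass = $bl_haspass ? $_POST['bl-password'] : "";
	// A user name is only used in a file path if it has no path separator or NUL byte.
	$bl_postuserok = ($bl_postuser !== "")
		&& (strpos($bl_postuser, "/") === false)
		&& (strpos($bl_postuser, "\\") === false)
		&& (strpos($bl_postuser, chr(0)) === false);
	// True only when all five registration fields were posted as strings.
	$bl_regcomplete = true;
	foreach (array('reg-bl-username', 'reg-bl-password', 'regemail', 'regpic', 'regsig') as $bl_field){
		if ((!isset($_POST[$bl_field])) || (!is_string($_POST[$bl_field]))){
			$bl_regcomplete = false;
		}
	}

	// PHP_SELF, QUERY_STRING and the posted values come from the request. They are
	// HTML-escaped and placed in quoted attributes so they cannot add markup to the page.
	$bl_action = htmlspecialchars($_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING'], ENT_QUOTES);
	$bl_regaction = htmlspecialchars($_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']."&userpg=register", ENT_QUOTES);
	$bl_loginform = "<form method=POST action=\"".$bl_action."\">".
	"<p>Login Form</p>".
	"<p>Username : <input type=text name=bl-username size=20></p>".
	"<p>Password : <input type=password name=bl-password size=20></p>".
	"<p><input type=submit value=Submit name=B1><input type=reset value=Reset name=B2></p>".
	"</form>";
	// The registration form is pre-filled with whatever the login form posted.
	// NOTE(review): this writes the submitted password back into the HTML of the page;
	// leaving the password field empty would avoid that.
	$bl_regform = "By Clicking on the submit button you are Accepting all of the Terms and Conditions of this website!<Br>".
	"<form method=POST action=\"".$bl_regaction."\">".
	"<p>Registration Form</p>".
	"<p>Username : <input type=text name=reg-bl-username value=\"".htmlspecialchars($bl_postuser, ENT_QUOTES)."\" size=20></p>".
	"<p>Password : <input type=password name=reg-bl-password value=\"".htmlspecialchars($bl_postpass, ENT_QUOTES)."\" size=20></p>".
	"<p>Email : <input type=text name=regemail size=40></p>".
	"<p>User Picture URL : <input type=text name=regpic size=40 value=http://www.urltoimage.com></p>".
	"<p>Signature : <br><textarea rows=6 name=regsig cols=38>-- Default User Signature --</textarea></p>".
	"<p><input type=submit value=Submit name=B1><input type=reset value=Reset name=B2></p>".
	"</form>";

	if (($pgauth != "god") && ($pgauth != "admin")){
		if ((isset($_GET['userpg'])) && ($_GET['userpg'] == "regform")){
			// do registrationform without username and password
			$bodycontent = $bl_regform;
		}
		if ((isset($_GET['userpg'])) && ($_GET['userpg'] == "register")){
			// do registration through link
			if ($bl_regcomplete){
				$bl_reguser = $_POST['reg-bl-username'];
				$bl_regpass = $_POST['reg-bl-password'];
				// The user name becomes a file name, so it must be a plain name. The
				// password must be non-empty and free of "|", because the record is
				// "|"-delimited and login compares against the first field only.
				$bl_regok = ($bl_reguser !== "")
					&& (strpos($bl_reguser, "/") === false)
					&& (strpos($bl_reguser, "\\") === false)
					&& (strpos($bl_reguser, chr(0)) === false)
					&& ($bl_regpass !== "")
					&& (strpos($bl_regpass, "|") === false);
				if ($bl_regok){
					// A name that already exists at any level cannot be registered again:
					// the original appended to the existing file and then issued a login
					// cookie for that name without any password check.
					$bl_regok = (!file_exists("./auth/users/".$bl_reguser.".usr"))
						&& (!file_exists("./auth/admins/".$bl_reguser.".usr"))
						&& (!file_exists("./auth/godusers/".$bl_reguser.".usr"));
				}
				$fp = false;
				if ($bl_regok){
					// Remove the field delimiter from the free-text fields so the columns
					// stay aligned, and blank the placeholder URL in the picture field only.
					// NOTE(review): these values are stored as typed; escape them wherever
					// they are later printed.
					$bl_regpic = str_replace("http://www.urltoimage.com", "", $_POST['regpic']);
					$regdata = $bl_regpass . "|" . str_replace("|", "", $_POST['regemail']) . "|" . str_replace("|", "", $bl_regpic) . "|" . str_replace("|", "", $_POST['regsig']) . "|";
					// "x" creates the file and fails if it already exists, which also
					// covers two registrations of the same name arriving together.
					$fp = fopen("./auth/users/".$bl_reguser.".usr", "x");
				}
				if ($fp !== false){
					fwrite($fp, $regdata);
					fclose($fp);
					$themodulepage = $_SERVER['PHP_SELF']."?page=".urlencode($bl_page);
					setcookie("loggedin", $bl_reguser, time()+31449600);
					$bodycontent = "You Have logged in sucessfully click <a href=\"".htmlspecialchars($themodulepage, ENT_QUOTES)."\">here</a> to continue";
				}
				if ($fp === false){
					$theformpage = $_SERVER['PHP_SELF']."?page=".urlencode($bl_page)."&userpg=regform";
					$bodycontent = "That Username or Password cannot be used please click <a href=\"".htmlspecialchars($theformpage, ENT_QUOTES)."\">here</a> to go back and choose another";
				}
			}
			if (!$bl_regcomplete){
				// One or more form feilds has not been filled out
				// (the original link was missing the ">" that closes the <a> tag)
				$theformpage = $_SERVER['PHP_SELF']."?page=".urlencode($bl_page)."&userpg=regform";
				$bodycontent = "One or more form feilds has not been filled out please click <a href=\"".htmlspecialchars($theformpage, ENT_QUOTES)."\">here</a> to go back and complete the form";
			}
		}
	}
	if ((isset($_GET['userpg'])) && ($_GET['userpg'] == "login")){
		// do login
		$bodycontent = $bl_loginform;
	}
	if ((!$bl_hasuser) || (!$bl_haspass)){
		// do loginform
		if (!isset($_GET['userpg'])){
			$bodycontent = $bl_loginform;
		}
		// with userpg set, the branches above have already chosen the content
	}
	if ($bl_hasuser && $bl_haspass){
		// do loginprocess
		// The same three directories are checked here and when the file is read
		// (the original tested "adminusers" in one place and "admins" in the other).
		$bl_exists = $bl_postuserok && (
			file_exists("./auth/users/".$bl_postuser.".usr")
			|| file_exists("./auth/admins/".$bl_postuser.".usr")
			|| file_exists("./auth/godusers/".$bl_postuser.".usr")
		);
		if (!$bl_exists){
			//do registration form
			if (($pgauth != "god") && ($pgauth != "admin")){
				if (!$bl_regcomplete){
					// do register form with username and password
					$bodycontent = $bl_regform;
				}
			}
			if (($pgauth == "god") or ($pgauth == "admin")){
				$bodycontent = "You Must Have An Account to Login";
			}
		}
		if ($bl_exists){
			//do login
			// When the name exists at several levels the last file read wins, as before.
			$theuserfile = false;
			if (file_exists("./auth/users/".$bl_postuser.".usr")){
				// this is a normal user
				$theuserfile = file_get_contents("./auth/users/".$bl_postuser.".usr");
			}
			if (file_exists("./auth/admins/".$bl_postuser.".usr")){
				// this is an administrator
				$theuserfile = file_get_contents("./auth/admins/".$bl_postuser.".usr");
			}
			if (file_exists("./auth/godusers/".$bl_postuser.".usr")){
				// this is a goduser
				$theuserfile = file_get_contents("./auth/godusers/".$bl_postuser.".usr");
			}
			$getuserdetails = explode("|", is_string($theuserfile) ? $theuserfile : "");
			$realpass = $getuserdetails[0];
			// Strict comparison: with "==" PHP compares two numeric-looking strings as
			// numbers, so different passwords could compare equal. An unreadable or empty
			// record yields an empty stored password, which must never match.
			$bl_passok = ($realpass !== "") && ($bl_postpass === $realpass);
			if ($bl_passok){
				// the password check has returned true
				setcookie("loggedin", $bl_postuser, time()+31449600);
				$bodycontent = "You Have logged in sucessfully click <a href=\"".$bl_action."\">here</a> to continue";
			}
			if (!$bl_passok){
				// the password check has returned false
				$bodycontent = "The Password you entered does not correspond to this Username!".
				"<form method=POST action=\"".$bl_action."\">".
				"<p>Login Form</p>".
				"<p>Username : <input type=text name=bl-username size=20 value=\"".htmlspecialchars($bl_postuser, ENT_QUOTES)."\"></p>".
				"<p>Password : <input type=password name=bl-password size=20></p>".
				"<p><input type=submit value=Submit name=B1><input type=reset value=Reset name=B2></p>".
				"</form>";
			}
		}
	}
}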

?>

All Help & Constructive Criticism are very welcome

    5 days later

    you should try in
    PHP Help, Coding forum
    and be sure to be very specific and tell all errors precisely!

      15 days later

      I wrote a simple file based authentication class just the other day....

      <?
      /*
      	Simple File Based Authentication System
      	Written by w.geoghegan [at] gmail [dot] com
      */
      
      // Report every error level from the moment this file is loaded. This call only selects
      // which errors are reported; whether the messages reach the visitor is controlled by the
      // display_errors setting. NOTE(review): the fopen() calls in this class emit warnings
      // that include the file name, so keep display_errors off on a public host.
      error_reporting(E_ALL);
      
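      /**
       * GuardDog: a flat-file user store with session-backed login state.
       *
       * The users file holds one "name|verifier" record per line. Records written by the
       * original version carry an unsalted MD5 digest; they are still accepted, and new
       * records use password_hash() when the running PHP provides it.
       *
       * The caller must have called session_start() before Login(), CheckUser() or Logout().
       * NOTE(security): keep the users file outside the web root, or deny direct requests
       * for it, so the verifiers cannot be downloaded.
       */
      class GuardDog {
      var $USERS_FILE = 'USERS.GD';
      var $USERTABLE = array();
      
      /**
       * Loads the user table. Declared as __construct() because a method named after the
       * class is no longer treated as the constructor by PHP 8, which would leave the
       * table empty.
       */
      function __construct() {
      	$this -> LoadUsers();
      }
      
      /**
       * Checks a user name / password pair and, on success, records the login in the session.
       *
       * @param string $gdUser user name as submitted
       * @param string $gdPwd  clear-text password as submitted
       * @return bool true when the pair matches a record in the users file
       */
      function Login($gdUser,$gdPwd) {
      	// Start from a clean state so a failed attempt leaves nothing behind in the session.
      	unset($_SESSION['gdUser'], $_SESSION['gdPwd']);
      
      	if (!is_string($gdUser) || !is_string($gdPwd) || !isset($this -> USERTABLE[$gdUser]))
      		return false;
      
      	$stored = $this -> USERTABLE[$gdUser];
      	if (!$this -> VerifyPassword($gdPwd, $stored))
      		return false;
      
      	// Issue a fresh session id at the moment of login so an id that was known before
      	// authentication is not carried over into the authenticated session.
      	if (session_id() !== '')
      		session_regenerate_id(true);
      
      	// The session keeps the stored verifier; CheckUser() compares it with the table,
      	// so the login stops being valid if the record changes or is deleted.
      	$_SESSION['gdUser'] = $gdUser;
      	$_SESSION['gdPwd'] = $stored;
      
      	return $this -> CheckUser();
      }
      
      /**
       * Ends the login: removes the login data and destroys the session if one is active.
       */
      function Logout() {
      	unset($_SESSION['gdUser'], $_SESSION['gdPwd']);
      	if (session_id() !== '')
      		session_destroy();
      }
      
      /**
       * Tells whether the current session belongs to a logged-in user.
       *
       * @return bool true when the session names a user whose stored verifier is identical
       *              to the one saved in the session at login
       */
      function CheckUser() {
      	if (!isset($_SESSION['gdUser']) || !isset($_SESSION['gdPwd']))
      		return false;
      
      	$gdUser = $_SESSION['gdUser'];
      	if (!is_string($gdUser) || !isset($this -> USERTABLE[$gdUser]))
      		return false;
      
      	// Identity comparison: "==" compares two numeric-looking strings (for example
      	// digests of the form 0e followed by digits) as numbers, so distinct values could match.
      	return $this -> USERTABLE[$gdUser] === $_SESSION['gdPwd'];
      }
      
      /**
       * Compares a clear-text password with a stored verifier.
       * Internal helper for Login().
       *
       * @param string $gdPwd  clear-text password
       * @param string $stored verifier read from the users file
       * @return bool
       */
      function VerifyPassword($gdPwd, $stored) {
      	// password_hash() output starts with "$"; everything else is a legacy MD5 record.
      	if ($stored !== '' && $stored[0] === '$' && function_exists('password_verify'))
      		return password_verify($gdPwd, $stored);
      
      	if (function_exists('hash_equals'))
      		return hash_equals($stored, md5($gdPwd));
      
      	return $stored === md5($gdPwd);
      }
      
      /**
       * Reads the users file into USERTABLE (user name => verifier).
       * Stops the script when the file cannot be opened.
       */
      function LoadUsers() {
      	$this -> USERTABLE = array();
      	$f = fopen($this -> USERS_FILE, "r") or DIE("<b>GuardDog - Fatal Error:</b> Unable to open {$this -> USERS_FILE} for read access");
      	while (!feof($f)) {
      		$line = fgets($f, 1024);
      		if ($line === false)
      			break;
      		if (trim($line) != '') {
      			// explode() replaces split(), which no longer exists in PHP 7 and later.
      			$bits = explode("|", $line);
      			// Lines without a delimiter are skipped instead of reading a missing field.
      			if (count($bits) >= 2)
      				$this -> USERTABLE[trim($bits[0])] = trim($bits[1]);
      		}
      	}
      	fclose($f);
      }
      
      /**
       * Appends a new user to the users file.
       *
       * @param string $gdUser user name; must not contain "|", CR, LF or surrounding whitespace
       * @param string $gdPwd  clear-text password
       * @return bool true when the record was written, false when the name is unusable,
       *              already taken, or the file could not be opened
       */
      function CreateUser($gdUser,$gdPwd) {
      	if (!is_string($gdUser) || !is_string($gdPwd))
      		return false;
      
      	// The name is written verbatim into a "|"-delimited, line-based file. A delimiter or
      	// line break inside it would create or alter other records, and LoadUsers() trims
      	// names, so anything that would not read back unchanged is refused. The length cap
      	// keeps a record within the 1024-byte line buffer used by LoadUsers().
      	if ($gdUser === '' || $gdUser !== trim($gdUser) || strlen($gdUser) > 255
      		|| strcspn($gdUser, "|\r\n") !== strlen($gdUser))
      		return false;
      
      	if (isset($this -> USERTABLE[$gdUser]))
      		return false;
      
      	// Salted password hash where available; unsalted MD5 only as a fallback on a PHP
      	// version without password_hash().
      	$gdHash = function_exists('password_hash') ? password_hash($gdPwd, PASSWORD_DEFAULT) : md5($gdPwd);
      	if (!is_string($gdHash))
      		return false;
      
      	$f = fopen($this -> USERS_FILE, "a+");
      	if ($f === false)
      		return false;
      	fwrite($f, "$gdUser|" . $gdHash . "\r\n");
      	fclose($f);
      
      	// Keep the in-memory table in step with the file.
      	$this -> USERTABLE[$gdUser] = $gdHash;
      	return true;
      }
      
      /**
       * Removes a user and rewrites the users file from the in-memory table.
       * Stops the script when the file cannot be opened for writing.
       * NOTE(review): the file is rewritten without a lock; two requests changing users
       * at the same moment can lose an update.
       *
       * @param string $gdUser user name to remove
       * @return bool true when the user existed and was removed
       */
      function DeleteUser($gdUser) {
      	if (!is_string($gdUser) || !isset($this -> USERTABLE[$gdUser]))
      		return false;
      
      	unset($this -> USERTABLE[$gdUser]);
      	$f = fopen($this -> USERS_FILE, "w") or DIE("<b>GuardDog - Fatal Error:</b> Unable to create {$this -> USERS_FILE} for write access");
      
      	foreach ($this -> USERTABLE as $key => $value) {
      		fwrite($f, "$key|$value\r\n");
      	}
      
      	fclose($f);
      	$this -> LoadUsers();
      	return true;
      }
      
      
      }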
      ?>
      
      

      The below is an example of how to use this class...

      <?
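      	// session_start() sends headers, so nothing (not even whitespace) may be output
      	// before this point.
      	session_start();
      	require("guarddog.php");
      
      $GD = new GuardDog();
      
      if (isset($_GET['logout'])) {
      	$GD -> Logout();
      	DIE('You have been logged out.<br>Click <a href="index.php">here</a> to continue....');
      }
      
      if ($GD -> Checkuser() == false) {
      	if (!isset($_POST['gdUser'])) {
      
      	?>
      
      		<form action="index.php" method="POST">
      			Username: <input type="text" name="gdUser"><br>
      			Password: <input type="password" name="gdPwd"><br>
      			<input type="submit" value="Login">
      		</form>
      
      	<?php
      	// Full "<?php" tag: the short "<?" form is only parsed when short_open_tag is
      	// enabled; with it disabled the code after it is sent to the browser as text.
      	}
      	else
      	{
      		// A request may carry gdUser without gdPwd; treat the password as empty then.
      		$gdPostedPwd = isset($_POST['gdPwd']) ? $_POST['gdPwd'] : '';
      		if ($GD -> Login($_POST['gdUser'], $gdPostedPwd) == false)
      			print 'Login failed!<br>Click <a href="index.php">here</a> to try again.';
      		else
      			print 'Login Success!<br>Click <a href="index.php">here</a> to continue....';
      	}
      }
      else
      {
      	// NOTE(security): in this demo, creating and deleting users is done with plain GET
      	// links. The password then appears in the URL (browser history, server logs), and
      	// any page a logged-in user visits can trigger the action. A real page should use
      	// POST forms protected by a per-session token.
      	if (isset($_GET['create'])) {
      		$gdNewUser = isset($_GET['user']) ? $_GET['user'] : '';
      		$gdNewPwd = isset($_GET['pwd']) ? $_GET['pwd'] : '';
      		if ($GD -> CreateUser($gdNewUser, $gdNewPwd) == true)
      			print "User created OK!<br><br>";
      		else
      			print "User could not be created! Already exists?!<br><br>";
      	}
      
      	if (isset($_GET['delete'])) {
      		$gdOldUser = isset($_GET['user']) ? $_GET['user'] : '';
      		if ($GD -> DeleteUser($gdOldUser) == true)
      			print "User Deleted OK!<br><br>";
      		else
      			print "User could not be deleted! Doesn't exist?!<br><br>";
      	}
      
      	// User names are created from request data, so escape the name before printing it.
      	$gdShownUser = htmlspecialchars($_SESSION['gdUser'], ENT_QUOTES);
      	print "You are logged in as {$gdShownUser}.<br><br><a href=\"index.php?create=1&user=dave&pwd=dave\">This link</a> CREATES another user with username DAVE, password DAVE<br>
      			<br><a href=\"index.php?delete=1&user=dave\">This link</a> DELETES a user with username DAVE<br>
      			<br>Click <a href=\"index.php?logout\">here</a> to logout.";
      
      
      }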
      
      ?>
      

      Hope this helps 🙂
