Security Advice Please

stackumhi

I am trying to make my login form safe(er). Is this the correct way to do this?

My function:

function safedata($value){
   return mysql_real_escape_string(trim($value));
}

My login script:

<?php
$_SESSION['username'] = 0;

if(isset($_POST['username'])){
$username = safedata($_POST[username]);
$password= safedata($_POST[password]);
$password = sha1("$password");

$result = mysql_num_rows(mysql_query("SELECT * FROM ADMINS WHERE email='$username' AND password='$password'"));
   if($result == 1){   

  $_SESSION['username'] = 1;
?>

<script> window.location="main.php";</script>

<?
   }
else{
      echo '<strong style="color:Red">Login invalid! Please try again.</strong>';
   }
}

?>

stackumhi

I guess since none of this information is being sent to the database it does not need to be cleaned?

Is the method sound for forms that DO send data to the DB?

NogDog

Any data being used in the query needs to be sanitized, even if it's not actually stored in the database. Your function looks reasonable to me.

However, this line looks a little confused:

$_SESSION['username'] = 1;

Instead of 1, perhaps it should be $username?

stackumhi

Thanks.

I made the session change you suggested.