PHP Help - mySQL & Sessions

Trigs · 10-02-2009, 10:13 PM

First Problem

For some reason mysql_fetch_array(); is showing up as an invalid function.

http://daniel.valvi.co.uk/thf/login_check.php

I'm not sure what the problem is...

Second Problem

Never used sessions before. What should I do in order to ensure the security of my application when using sessions? Should I clean the session variables, should I regenerate a session after each login, etc.

Agnostic Bear · 10-02-2009, 10:40 PM

Post the code.

Trigs · 10-02-2009, 10:44 PM

PHP Code:


$username = clean($_POST['username']);
$password = clean(encrypt($_POST['password']));
$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); 
$row = mysql_fetch_array($result); 
$id = $row['id']; 
$select_user = mysql_query("SELECT * FROM users WHERE id='$id'"); 
$row2 = mysql_fetch_array($select_user); 
$user = $row2['username']; 
$get_level = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'");
$row5 = mysql_fetch_array($get_level);
$level = $id['level'];
$pass_check = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'"); 
$row3 = mysql_fetch_array($pass_check); 
$select_pass = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'"); 
$row4 = mysql_fetch_array($select_pass); 
$real_password = $row4['password'];

That's login_check.php

Config.php which is require_once'd in the code contains the db conn.

PHP Code:


$db_name = 'localhost';
$db_user = 'removed for security purposes';
$db_pass = 'removed for security purposes';
$conn = mysql_connect($db_name,$db_user,$db_pass);
$dbconn1 = mysql_select_db('removed for security purposes', $conn);

Fehm · 10-02-2009, 10:46 PM

I cant help you with your first problem but for sessions,
- Make sure you destroy all sessions when the person closes the browser
- Definately create new sessions on login and dont add a remember me function if you are that bothered

- Make sure that session ID' arent in the browser link, if your using them in the links
- if youve given people a session before they log in, make sure that you assign them a new one when they do log in.

LOL i probably havent helped. lol

Trigs · 10-02-2009, 10:49 PM

- Make sure you destroy all sessions when the person closes the browser
Doesn't that happen automatically?

- Definately create new sessions on login and dont add a remember me function if you are that bothered
Yep already done that.
- Make sure that session ID' arent in the browser link, if your using them in the links
How would I do that?

- if youve given people a session before they log in, make sure that you assign them a new one when they do log in.
Thanks

Excellent2 · 10-02-2009, 11:59 PM

Originally Posted by Fazon

PHP Code:


$username = clean($_POST['username']);
$password = clean(encrypt($_POST['password']));
$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); 
$row = mysql_fetch_array($result); 
$id = $row['id']; 
$select_user = mysql_query("SELECT * FROM users WHERE id='$id'"); 
$row2 = mysql_fetch_array($select_user); 
$user = $row2['username']; 
$get_level = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'");
$row5 = mysql_fetch_array($get_level);
$level = $id['level'];
$pass_check = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'"); 
$row3 = mysql_fetch_array($pass_check); 
$select_pass = mysql_query("SELECT * FROM users WHERE username='$username' AND id='$id'"); 
$row4 = mysql_fetch_array($select_pass); 
$real_password = $row4['password'];

That's login_check.php

Config.php which is require_once'd in the code contains the db conn.

PHP Code:


$db_name = 'localhost';
$db_user = 'removed for security purposes';
$db_pass = 'removed for security purposes';
$conn = mysql_connect('$db_name','$db_user','$db_pass');
$dbconn1 = mysql_select_db('removed for security purposes', $conn);

Edited. Sessions are easy to secure. You could just use a little function for that:

PHP Code:


function cleanme($string) {
$string = htmlspecialchars($string);
$string = mysql_real_escape($string);
$string = stripslashes($string);
return $string;
}

Plus, make sure there is actually data in the database.

Agnostic Bear · 11-02-2009, 02:12 AM

Originally Posted by Excellent2

Edited. Sessions are easy to secure. You could just use a little function for that:

PHP Code:


function cleanme($string) {
$string = htmlspecialchars($string);
$string = mysql_real_escape($string);
$string = stripslashes($string);
return $string;
}

Plus, make sure there is actually data in the database.

That's a ridiculous function, it undoes whatever you do. I could quite easily type in

Code:

' OR 1=1--

and have it walk straight though.

Trigs · 11-02-2009, 11:06 PM

Yeah I know how to clean the session but what should I do to prevent session stealers?

And what exactly did you edit? I can't see a difference.

~~Blinger1~~ · 11-02-2009, 11:28 PM

Originally Posted by Jewish Bear

That's a ridiculous function, it undoes whatever you do. I could quite easily type in

Code:

' OR 1=1--

and have it walk straight though.

I thought ' OR 1=1-- gets blocked my mysql_real_escape??

Agnostic Bear · 11-02-2009, 11:34 PM

Originally Posted by Blinger

I thought ' OR 1=1-- gets blocked my mysql_real_escape??

stripslashes removes what mysql_real_escape does

Thread: PHP Help - mySQL & Sessions

Thread Tools

PHP Help - mySQL & Sessions

Posting Permissions