Ok, I just finished editing the following login script after finding a tutorial for it on the web. It will be used to log a select few users of a website into the CMS of that particular website. The tutorial I followed didn’t seem to have anything to prevent SQL injection attacks, so I added my own safeguards (I think). That’s a very big "I think" as well. The file config.php contains a function which escapes any data going into the database; this file is at the end of the post.
I also created a file called secure.php which, when included into another script, will prompt the user for login details if they are not logged in. In the original tutorial the code contained in secure.php was only shown in the auth.php script, I think. However, moving it to a separate file allows me to protect any script into which it is included. I’ve tested it and it seems to work. But I would like any opinions on what I post below. I’m looking for something that’s as secure as possible. Since I'm still inexperienced with the whole PHP/MySQL thing, I'd just like an analysis/advice on what’s been done and whether or not it will suffice.
Here are the scripts:
Initial Login form:
PHP Code:
<form method="post" name="login" action="process.php">
<p>Username : <input type="text" name="username" /></p>
<p>Password : <input type="password" name="password" /></p>
<p><input type="submit" name="submit" value="Submit" /></p>
</form>
<?php
if (isset($_GET['error'])) {
echo 'Invalid login data supplied. Please try again.';
}
?>
Gets passed to process.php:
PHP Code:
<?php
session_start();
require_once 'config.php';
$dbHost = ""; // Database Connection Details - host
$dbUser = ""; // Database Connection Details - username
$dbPass = ""; // Database Connection Details - password
$dbname = ""; // Database Connection Details - database name
// The connection must be opened BEFORE safe() is called: mysql_real_escape_string()
// needs an open MySQL link and returns false (no escaping) without one
$db = mysql_connect($dbHost,$dbUser,$dbPass); // Connection Code
mysql_select_db($dbname,$db); // Connects to database
$username = safe($_POST['username']); // Stores our inputted data in these variable names
//safe() refers to a function in config.php
$password = safe(md5($_POST['password']));// Stores our inputted data in these variable names
$query = "SELECT username, password FROM login WHERE username = '$username' AND password = '$password'";
$result = mysql_query($query, $db);
if(mysql_num_rows($result)) {
    $_SESSION['loggedin'] = 1;
    header('Location: http://www.example.com/exampleAdmin/admin.php'); //Successful login
    exit();
} else {
    header('Location: http://www.example.com/exampleAdmin/form.php?error=1'); //Login not successful redirect back to login form
    exit();
}
?>
If successful redirect to the Administration page:
PHP Code:
<?php
require_once 'secure.php';
?>
Welcome to the admin section. <a href="logout.php">Log out</a>.<br />
<a href="#">Add Content</a> <!-- Example menu item I added -->
When the user clicks "Log out" they go to the following script which logs them out:
PHP Code:
<?php
session_start(); // declare that sessions are being used
session_unset(); // unset sessions
session_destroy(); // now destroy them and remove them from the user's browser
header('Location: http://www.example.com');// Forwards to a new page after logout
exit(); // exit
?>
Extra pages needed for the previous scripts to work
Any page that needs securing needs to have secure.php included at the top:
PHP Code:
<?php
session_start();
if(!isset($_SESSION['loggedin'])) {
header('Location: http://www.example.com/exampleAdmin/form.php?error=1');
exit();
}
?>
And finally the config.php file that some of the scripts require is:
PHP Code:
<?php
#Cross site Functions Go here
// Escapes a string for use inside a quoted SQL literal.
// Requires an open mysql_connect() link, so call it only after connecting.
function safe($string) {
    return mysql_real_escape_string($string);
}
#Cross site Variables here
//None added
?>
Is this an adequate and secure login system for a site's CMS admin pages? It's the first time I've attempted this, so as I said before I’m not too sure about its integrity (if that’s the right word). The original tutorial I followed can be seen Here. Though I’ve obviously changed the SELECT statement to suit my database structure. Any sort of advice on this would be appreciated as always.
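For comparison, here is process.php rewritten without the escape-and-md5 approach, added as an example that is not part of the original post or the tutorial it follows: the username is sent as a bound parameter rather than spliced into the SQL string, and the password is checked with password_verify(). It assumes PHP 5.5 or later, the same `login` table with `username` and `password` columns, and that `password` holds password_hash() output rather than md5().

```php
<?php
// Added example (not the poster's code): process.php using PDO prepared
// statements and password_verify(). Assumes PHP >= 5.5 and that the
// `password` column of table `login` stores password_hash() output.
session_start();

$dbHost = ''; // Database Connection Details - host (fill in)
$dbUser = ''; // Database Connection Details - username
$dbPass = ''; // Database Connection Details - password
$dbName = ''; // Database Connection Details - database name

// Reject requests that did not arrive from the form with both fields set.
if (!isset($_POST['username'], $_POST['password'])) {
    header('Location: http://www.example.com/exampleAdmin/form.php?error=1');
    exit();
}

$pdo = new PDO("mysql:host=$dbHost;dbname=$dbName;charset=utf8mb4", $dbUser, $dbPass, [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);

// The username is bound as a parameter, so it is never interpreted as SQL;
// no escaping function is needed on the application side.
$stmt = $pdo->prepare('SELECT password FROM login WHERE username = ? LIMIT 1');
$stmt->execute([$_POST['username']]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// password_verify() compares against a hash made with
// password_hash($plain, PASSWORD_DEFAULT) when the account was created.
if ($row !== false && password_verify($_POST['password'], $row['password'])) {
    session_regenerate_id(true); // fresh session id on login (session fixation)
    $_SESSION['loggedin'] = 1;
    header('Location: http://www.example.com/exampleAdmin/admin.php'); // Successful login
    exit();
}

// Unknown user and wrong password take the same path, so the response
// does not reveal which usernames exist.
header('Location: http://www.example.com/exampleAdmin/form.php?error=1');
exit();
```

Existing md5 rows would need to be rehashed (for example at the user's next successful login) before this version can verify them.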