|
PHP - Php Login Flat File Db- Security Question
I have a login system that uses a flat file database. The flat file is in a directory outside the public_html. My questions;
1- Is is still possible to hack into that file? Currently I do not encrypt the passwords as I have been told that having the file outside the public_html makes the file unavailable to the public. This allows me the advantage of sending the Username and Password to the user in an email if they forget there password or username. Otherwise- I would have to set up a more complicated method to allow them to change their password to re-gain access to the site. I have an SSL on the site also so I am not worried about packet sniffing. Thanks Similar TutorialsI am creating a guestbook for a friend who has access to a hosting server for free, however they are reluctant to let us create databases so i have used a flat file system to create a simple login and register system. On this site I have also included a flatfile guestbook, I've not coded this from scratch as I'm just not php freak enough for it. The guestbook requires a name and email address to submit a post, i would like to change this so that it takes the details straight from the flatfile and not be displayed at all if there is no-one logged in. Guestbook.php <?php // find out the domain: $domain = $_SERVER['HTTP_HOST']; // find out the path to the current file: $path = $_SERVER['SCRIPT_NAME']; $url = "http://" . $domain . $path ; extract($_POST); if($Submit){ $date = date('D d Y h:i'); $comment=eregi_replace("\r\n","*",$comment); $comment=eregi_replace("\n","*",$comment); $fp = fopen("bin/guestbook.nfo","a+"); if(!$fp) { echo 'Error: Cannot open file.'; exit; } fwrite($fp, $date."||".$name."||".$email."||".$comment."\n"); fclose($fp); } ?> <div align="center"> <h2><span class="style1">Guestbook </span><br> </h2> </div> <form name="form1" method="post" action="<?php echo $url;?>"> <label>Name <input type="text" name="name"> </label> <label>Email <input type="text" name="email"> </label> <p> </p> <p> comment<br> <textarea name="comment" cols="40" rows="10"></textarea> <br> <label> <input type="submit" name="Submit" value="Sign"> </label> <br> </p> </form> <hr> <?php $userinfo = file("cgi-bin/guestbook.nfo"); echo '<table border="0">'; foreach($userinfo as $val) { //explode that data into a new array: $data = explode("||", $val); echo '<tr><td>'.$data[0].'</td></tr>'; echo '<tr><td>'.$data[1].' Wrote:</td></tr>'; $data[3]=eregi_replace("\*","<br>",$data[3]); echo '<tr><td>'.$data[3].'</td></tr>'; echo '<tr><td>Email:'.$data[2].'<hr></td></tr>'; } echo '</table>'; ?> Hello Mates, I am in need of help. I have a Flat File News Script. I am not sure how to build the Delete script.. i am not knew to PHP but kinda new to Flat File Database.. the reason why im using FFD is because my service doesn't allow mysql on the cheaper priced web pages.. i have 4 fields ID || user_name || title || message i want it to check the id because it will be in the url like http://webpage.com/delete_news.php?id=3 and the id 3 and the other fields in id 3 is deleted. Thank you Valkeri2010 This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=315620.0 Hi, I use MySQL for real projects of course... but, I like to challenge myself and I was wondering how people make advance applications with Flat File databases... My questions are... >Display >Reading The Flat File Data >Sorting it Alphabetically For Display >How to create a WHERE clause affect with the data >Storage >Adding Records >Deleting Records >Editing Records I went over a lot of this on my own, but I'm stuck on certain parts because google only has so much on Flat File Databases... also how would u secure a Flat File Database from someone just simply direct linking to it and viewing it? I currently have a flat file user registration and login in system. I also have a simple guestbook which i didn't code myself, the guest book currently requires the user to type in there name and e-mail address to make a post. how ever i would like them to have to login and if they aren't logged in then don't display the guestbook. Live version: B50crew.co.uk Guestbook.php: Code: [Select] <?php // find out the domain: $domain = $_SERVER['HTTP_HOST']; // find out the path to the current file: $path = $_SERVER['SCRIPT_NAME']; $url = "http://" . $domain . $path ; extract($_POST); if($Submit){ $date = date('D d Y h:i'); $comment=eregi_replace("\r\n","*",$comment); $comment=eregi_replace("\n","*",$comment); $fp = fopen("bin/guestbook.nfo","a+"); if(!$fp) { echo 'Error: Cannot open file.'; exit; } fwrite($fp, $date."||".$name."||".$email."||".$comment."\n"); fclose($fp); } ?> <div align="center"> <h2><span class="style1">Guestbook </span><br> </h2> </div> <form name="form1" method="post" action="<?php echo $url;?>"> <label>Name <input type="text" name="name"> </label> <label>Email <input type="text" name="email"> </label> <p> </p> <p> comment<br> <textarea name="comment" cols="40" rows="10"></textarea> <br> <label> <input type="submit" name="Submit" value="Sign"> </label> <br> </p> </form> <hr> <?php $userinfo = file("cgi-bin/guestbook.nfo"); echo '<table border="0">'; foreach($userinfo as $val) { //explode that data into a new array: $data = explode("||", $val); echo '<tr><td>'.$data[0].'</td></tr>'; echo '<tr><td>'.$data[1].' Wrote:</td></tr>'; $data[3]=eregi_replace("\*","<br>",$data[3]); echo '<tr><td>'.$data[3].'</td></tr>'; echo '<tr><td>Email:'.$data[2].'<hr></td></tr>'; } echo '</table>'; ?> Login: Code: [Select] <?php // find out the domain: $domain = $_SERVER['HTTP_HOST']; // find out the path to the current file: $path = $_SERVER['SCRIPT_NAME']; $url = "http://" . $domain . $path ; extract($_POST); if($Submit){ $date = date('D d Y h:i'); $comment=eregi_replace("\r\n","*",$comment); $comment=eregi_replace("\n","*",$comment); $fp = fopen("bin/guestbook.nfo","a+"); if(!$fp) { echo 'Error: Cannot open file.'; exit; } fwrite($fp, $date."||".$name."||".$email."||".$comment."\n"); fclose($fp); } ?> <div align="center"> <h2><span class="style1">Guestbook </span><br> </h2> </div> <form name="form1" method="post" action="<?php echo $url;?>"> <label>Name <input type="text" name="name"> </label> <label>Email <input type="text" name="email"> </label> <p> </p> <p> comment<br> <textarea name="comment" cols="40" rows="10"></textarea> <br> <label> <input type="submit" name="Submit" value="Sign"> </label> <br> </p> </form> <hr> <?php $userinfo = file("cgi-bin/guestbook.nfo"); echo '<table border="0">'; foreach($userinfo as $val) { //explode that data into a new array: $data = explode("||", $val); echo '<tr><td>'.$data[0].'</td></tr>'; echo '<tr><td>'.$data[1].' Wrote:</td></tr>'; $data[3]=eregi_replace("\*","<br>",$data[3]); echo '<tr><td>'.$data[3].'</td></tr>'; echo '<tr><td>Email:'.$data[2].'<hr></td></tr>'; } echo '</table>'; ?> Session.php <?php class user { var $file_dir = ""; function start($time = 3600) { session_set_cookie_params($time , ''); session_name('afroxav-login'); session_start(); // Reset the expiration time upon page load if (isset($_COOKIE['afroxav-login'])) { setcookie('afroxav-login', $_COOKIE['afroxav-login'], time() + $time, '', 'localhost', 0, 1); } if (!isset($_SESSION['info'])) { $this->data = array('name' => 'Anonymous', 'logged' => false); } else { $this->data = $_SESSION['info']; } } function check_login() { if ($this->data['logged'] !== true) { return false; } else if ($this->data['logged'] === true) { if ($this->data['name'] !== 'Anonymous') { return true; } return false; } return false; } function login($user, $pass) { $logins_raw = @file_get_contents($this->file_dir . 'users.php'); $logins_processed = str_replace('<?php exit; ?>', '', $logins_raw); $logins_array = explode('\n', $logins_processed); foreach ($logins_array as $id => $line) { $logins[$id] = explode('|', $line); } $pass = $this->hash_pass($pass); foreach ($logins as $user_info) { if ($user_info[1] == $user) { if ($user_info[2] == $pass) { $this->update_session($user_info); return true; } } } return false; } function hash_pass($string) { return hash('sha512', $string); } function logout() { $_SESSION['info'] = array('name' => 'Anonymous', 'logged' => false); $this->data = $_SESSION['info']; return true; } function prep_reg_array($name, $pass, $email, $mod = 'false', $admin = 'false') { $id_raw = @file_get_contents($this->file_dir . 'id.php'); $id = str_replace('<?php exit; ?>', '', $id_raw); $id = $id + 1; @file_put_contents($this->file_dir . 'id.php', '<?php exit; ?>' . $id); return array($id, $name, $this->hash_pass($pass), $email, $mod, $admin); } function register($userdata) { $write = file_put_contents($this->file_dir . 'users.php', '\n' . implode('|', $userdata), FILE_APPEND); return ($write !== false) ? true : false; } function update_session($array) { $_SESSION['info'] = array( 'id' => $array[0], 'name' => $array[1], 'pass' => $array[2], 'email' => $array[3], 'mod' => $array[4], 'admin' => $array[5], 'logged' => true ); $this->data = $_SESSION['info']; } }; //html related functions //not related at all with the sessions function html_start($title) { header('Content-type: text/html'); echo "<html>\n"; echo "<head>\n"; echo "<title>\n"; echo $title; echo "</title>\n"; echo "</head>\n"; echo "<body>\n"; echo "<h1>\n"; echo $title; echo "</h1>\n"; } function html_nav() { global $user; echo "<div>\n"; echo "Navigation\n"; echo "<ul>\n"; echo "<li><a href=\"?page=home\">Home</a></li>\n"; if ($user->check_login() == true) { echo "<li><a href=\"?page=logout\">Log Out</a></li>\n"; } else { echo "<li><a href=\"?page=login\">Log In</a></li>\n"; echo "<li><a href=\"?page=register\">Register</a></li>\n"; } echo "</ul>\n"; echo "</div>\n"; } function html_end() { echo "</body>\n"; echo "</html>\n"; } ?> I want to make the news feed on my website easier to maintain. I just created a form that I will use to add the information. The form saves the files that it creates as "entry-date-time.txt" and places it in a folder for the year and a sub folder for the month. Such as "2011\09". I have displayed data from a single flat file before, but I am unsure how to go about displaying the data from multiple files. Can anyone show me an example? I want to be able to paginate the data, displaying a number of updates per page from newest to oldest. I don't have MySQL access on the server or I'd just use that, instead. Given this script: <?php $file = file('info.txt'); $statelist = array (1=> "California", "Florida", "Illinois", "New York", "Texas"); foreach ($file as $line => $data) { list($state, $abbrev, $population) = explode('|', trim($data)); for ($x=1; $x<5; $x++) { if ($statelist[$x] == $state) { echo $state . ", " . $abbrev . " - " . $population . '<br />'; } } } ?> and this flat file (info.txt): Code: [Select] California|CA|36,756,666 Texas|TX|24,326,974 New York|NY|19,490,297 Florida|FL|18,328,340 Illinois|IL|12,901,563 This is what is outputted: Code: [Select] California, CA - 36,756,666 Texas, TX - 24,326,974 New York, NY - 19,490,297 Florida, FL - 18,328,340 Illinois, IL - 12,901,563 How can I sort the output by the index value of the "statelist array" so get this output: Code: [Select] California, CA - 36,756,666 Florida, FL - 18,328,340 Illinois, IL - 12,901,563 New York, NY - 19,490,297 Texas, TX - 24,326,974 Could ksort($statelist) be implemented? Folks, I have a flat file or CSV, which has the tree structure of the Nesed Categories (All are delimited by either > or tab, it can be set easily). I want a PHP/Mysql code/routine that i can automaticaly create a table in MYsql with Parent Child relationship. Logic is there in my mind, every distinct Node will be an ID which while every child node will have the PID (parent ID) of its Parent. So the below data from flat file (Actual Data can be N Level Deep at least 4 Level): Electronics Electronics > Phones Electronics > Phones > Iphone Electronics > Phones > LG Electronics > Phones > Samsung Electronics > Phones > Samsung > 3G Electronics > Laptops Electronics > Laptops > Dell Electronics > Laptops > Sony Electronics > Laptops > HP Electronics > Laptops > HP > Core 2 Duo Will look like this in Mysql Table Structu Quote http://pastie.org/1592730 This is the Logic i need ot adopt, but i have no clue on how to code it to extract in this table structure and define this paren tchild mapping automatically. Can someone Help me out wiht this? Cheers Natasha T This topic has been moved to JavaScript Help. http://www.phpfreaks.com/forums/index.php?topic=333509.0 it is displaying the lastnames in the order they are in the profile but do not know how to get it to sort by lastname - please help <?php $lines = file('database/profile.txt'); foreach($lines as $thisline){list($p_id,$p_status,$p_filestart,$p_filemodified,$p_first,$p_middle,$p_last,$p_nick) = explode('|',$thisline);{ $names []= $p_last.', '.$p_first.' '.$p_middle.'.'; foreach($names as $value); {echo ''.$value.'<br>';}}} ?> I am pretty new to php and trying to teach myself. I can't get the values from this form to write to my flat file called orders.txt: browse_index.php <?php include("includes/menu_members.php") ?> <div id="content"> <h1>SHOPPING CART</h1> <a href="browse_index.php">CLICK HERE TO CONTINUE SHOPPING</a> <?php echo ' <table border="0"> <tr> <td><form id="f2" method="post"name="f2"><input type="submit" action="order_summary.php" name="submit2" value="submit order"></td> '; if(isset($_POST['submit'])) { $itemname = $_POST['h1']; //echo $_SESSION['itemname'][$itemname]; unset($_SESSION['itemqty'][$itemname]); unset($_SESSION['itemprice'][$itemname]); unset($_SESSION['itemname'][$itemname]); } echo "<br/><br/>"; echo "<table border='8' bgcolor='#efefef'>"; echo "<tr><th>Name</th><th>Quantity</th><th>Price</th><th>Subtotal</th></tr>"; foreach($_SESSION['itemname'] as $key=>$value) { echo '<tr><td><b>'.$_SESSION['itemname'][$key].'</b></td> <td>'.$_SESSION['itemqty'][$key].'</td> <td>$'.$_SESSION['itemprice'][$key].'</td> <td name="subtotal">$'.($_SESSION['itemqty'][$key] * $_SESSION['itemprice'][$key]).'</td> <td><form id="f1" method="post" name="f1"><input type="submit" name="submit" value = "delete"><input type="hidden" name="h1" value='.$key.'></td></tr>' ; } ?> order_summary.php: <?php session_start (); $date = date ("H:i jS F"); $outputstring = $date."/t" .$_POST['h1']. ":" .$_SESSION['itemqty'][$key]. ":" .$_SESSION['subtotal'][$key]. ":" ."\n"; $fp = fopen("orders.txt","a"); fwrite($fp, $outputstring); fclose($fp); ?> Can someone direct me where I am going wrong??? Can someone please help to find the most important login precautions in terms of security. For example, I'think the most important is: 1. string escaping, prevent SQL injections 2. 3. ... I know It's hard to find and consider all of them, that's why I'd like to have a list of the most important. i just discovered a hole in my scripts relating to access . 1. have a simple login form 2. based on the type of user , he is directed to a page for his options . 3. I now realise that altho each page therefter checks for sessions of the user , he can easily change the url to that of another user and there is no way to prevent it. 4. How can i make sure that each time a page is accessed it is only by the user whom it is meant for. Relevant code snippets below . Thanks ! Swati login.php --------- <?php //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); //Process this if statement only if form was submitted if($_POST['submit']){ session_start(); $username=$_POST['username']; $password=$_POST['password']; include ("link.php"); // contains db info //Test for login success $sql = "SELECT * FROM Users WHERE Username='$username' AND Password = '$password'"; $result = mysql_query($sql); if ($myrow = mysql_fetch_assoc($result)){ // echo $sql; $login_success = 'Yes'; $userid = $myrow["Userid"]; $usertype = $myrow["UTID"]; $status = "On"; $url = $PHP_SELF."?".$_SERVER['QUERY_STRING'];; $logout = 'logout.php'; $_SESSION['id']=session_id(); $_SESSION['userid']=$userid; $_SESSION['usertype']=$usertype; $sql2= "insert into Log (Sessionid,Userid,IP,Date,File, Status) values('$_SESSION[id]','$userid','$ip','$tm', '$url', '$status')"; $result2 = mysql_query($sql2) or die ('no access to database: ' . mysql_error()); // echo mysql_error(); } } } ?> Each subsequent page has this header ============================== <? header("Cache-Control: public"); include ("log.php"); //db info for DB along with session start if(!isset($_SESSION['userid'])){ echo "<center><font face='Calibri' size='2' color=red>Sorry, Please login and use this page </font></center>"; exit;} ?> The url of each page : Code: [Select] www.abc.com/example/type1.php?Userid=USER1ID and such a user can easily change the url to Code: [Select] www.abc.com/example/type2.php?Userid=USER1ID and access all the options of type2.php I am a bit concerned about using this code here, is there anyway of better authenticating a user? Just concerned about the usual ones like session hijacking, not really SQL injection (as I have put mysql_real_escape_string function below), but also XSS attacks etc, how would I go about improving this script? <?php ini_set('display_errors', 0); require_once 'header.html'; require_once 'db.functions.php'; require_once 'config.php'; $message = 'To login please enter your user information below'; $database = dbConnect($host, $username, $password, $database); // should output 1 or nothing at all! if($database == true) { if(array_key_exists('submit',$_POST)) { if($_POST['username'] != '' && $_POST['password'] != '') { // carry on with logging in process: $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string(sha1($_POST['password'])); $sql = "SELECT username, password FROM users WHERE username = '$username' AND password = '$password'"; $result = mysql_query($sql); if($result) { // query worked now try and log them in: $result = mysql_num_rows($result); if($result == 1) { // do a query to retrieve users information: $sql = "SELECT username, password FROM users WHERE username = '$username' AND password = '$password'"; $result = mysql_query($sql); $user = mysql_fetch_array($result); session_start(); $_SESSION['login'] = 1; $_SESSION['username'] = $user[0]; header("location: index.php"); } else { $message = 'You entered a wrong username or password please try again'; } } else { $message = 'Could not query database for some reason, please try again later'; } } else { // output an error message to the user: $message = 'You did not enter all the required fields to login, please retry'; } } } else { $message = 'Could not connect to database, please try again later'; } printf("<p>%s</p>",$message); echo <<<USER_LOGIN <form id="login" name="login" method="post" action="{$_SERVER['PHP_SELF']}"> <p><label for="username">Username: </label> <input type="text" id="username" name="username" value="{$username}" /> </p> <p><label for="password">Password: </label> <input type="password" id="password" name="password" value="" /> </p> <input type="submit" id="submit" name="submit" value="Login" /> </form> USER_LOGIN; require_once 'footer.html'; Works quite well to be honest, but just wondered if there's anything I can do to improve my example blogs security, any suggestions are helpful, Jez. I'm trying to create a simple session on a form page that determines if you've signed in. If you haven't, it kicks you to the login page. But for some reason, what I have isn't doing that. When I open the page, it loads, but only prints the url on a blank page, instead of actually going to the url. Code: [Select] <html> <title>form</title> <link rel="stylesheet" type="text/css" href="style.css"> <body> <?php session_start(); if(isset($_SESSION['id']) && is_numeric($_SESSION['id'])) { if (isset($_POST['submitted'])) { $errors = array(); if (empty($_POST['scientific_name'])) { $errors[] = 'you forgot to enter the scientific name'; } else { $sn = trim($_POST['scientific_name']); } if (empty($_POST['common_name_english'])) { $errors[] = 'you forgot to enter the common name'; } else { $cne = trim($_POST['common_name_english']); } $description4 = trim($_POST['common_names_spanish']); $description5 = trim($_POST['common_names_french']); $description6 = etc. etc. if (empty($errors)) { require_once ('3_z_mysq1_c0nn3ct.php'); $query = "INSERT INTO plantae (scientific_name, common_name_english, etc.) VALUES ('$sn', '$cne', '$description4', '$description5', '$description6', '$description7', etc.)"; $result = @mysql_query ($query); if ($result) { if(isset($_POST['scientific_name'])) { $plant_id=mysql_insert_id(); } exit(); } else { echo 'system error. No plant added'; echo '<p>' . mysql_error() . '<br><br>query:' . $query . '</p>'; exit(); } mysql_close(); } else { echo 'error. the following error occured <br>'; foreach ($errors as $msg) { echo " - $msg<br>\n"; } } // end of if } // end of main submit conditional echo '<form action="insertaplant1.php" method="post"><fieldset><legend><b>Enter your new plant here</b></legend> form fields here. </form>'; } else { $url = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']); if((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) { $url = substr($url, 0, -1); } $url .= '/login.php'; echo $url; exit(); } ?> If you are a PHP expert, then I really your help. I have a question regarding PHP sessions and their security. So here is my story ... I created a login script (login.php) for my website. When a user goes to the login.php page, they see a login form that they must fill with their username and password to login to the members' area and view their profile, etc. On that login page, when the user enters their username and password and then clicks the "Login" button, my script filters the data, sends MySQL query and checks if the login is valid. If the login is NOT valid, then they get a "Login Failed" message. If the login is valid, I register their username and the password in sessions and redirect them to the members.php page. Here is some of my code for my login.php page after mysql confirms the login is valid <?php $query = mysql_query('SELECT * FROM `users` WHERE username='$user' AND password='$pass'"); $numRows = mysql_num_rows($query); if ( $numRows ) { // login is valid $_SESSION['username'] = $user; $_SESSION['pass'] = $pass; // redirect user to members area header('Location: /members.php'); } else { // login is invalid echo "Login failed"; } ?> My question is ... is this login script secured? I mean, I am not generating any session id or any cookie. I am just storing the username and the password in two session variables and those are the things that i will use to display the user's profile, etc. Can attackers attack this script? Is this secured or is there any other way I can make it stronger? Hi everyone! I have a question that might sound silly... I have stored in my database a url to a pic and some other data. I am unsure if when I retreive data from my database I need some sort of protection. I usually sanitize and prevent SQl injections when I code forms but I am not sure if I have to do the same when I get data from the database. Thanks for your help. Veronica Hey people, I was going over an old script of mine the other day and I ran I web vulnerability scanner on it to see how secure it was and I got an XSS warning, now this puzzles me because I am not entirely sure how this affects the script and what can/can't be done, this script is old so I will paste the relevant bits in here, it was playing with the $page variable. What damage could you do and how would you remedy the problem? Code: [Select] if(isset($_GET['page'])) { if($_GET['page'] > $numpages) { $page = 1; } else { $page = $_GET['page']; } } else { $page = 1; } echo ('<strong style="margin-top: 4px; margin-left: 3px;">Page ' . $page . ' of ' . $numpages . '</strong></p>'); By putting a non-number in there like hello.php?page=Hello, it simply output the word hello so I am not fully sure what the security implications are and how insecure it really is. Might sound like a dumb question but it's been nagging at me. Thanks for reading! Hi, My ISP doesn't allow direct access to mysql Server so I created a bridge and stored the PHP code in the main web folder (https://www.mydomain.com/post.php). The bridge works fine and is used mainly for my IOT projects. In the same web folder, is located the conn.php code containing the server's credentials. The question is, how safe is the PHP code at that location? I can create a subfolder but not sure if it matters as far as security is concerned. TIA Im making a map atm which will have tokens"not sure what you call them" in the link like map.php?id=token Well I dont want a 3rd party coming along in the future and making their own map using my y and x cords. So I was thinking maybe the best way around this is to use a encryption in the link? so encrypting the x and y cords in the link. Anyone have any ideas on this. Also I was wondering is it impossible for php to know when somone clicks a link? I was googling around and it doesnt seem like you cant simply use a $_POST for a link |
|||||||