PHP - Users Are Able To Access Other Users Information.
I just discovered that I have a major security flaw with my website.
Anyone who logs in to the website can easily access other users' information, as well as delete and edit other users' information, just by changing the ID variable in the address bar. I have a user ID session started on these pages, but still people can do anything they like with other users' information just by editing the address bar. For example, if you're logged in and the address bar shows www.mywebsite.com/delete_mystuff.php?id=5, and you change the "5" to, say, a "9", then you will have access to user #9's information. Every important page that I have has this code:

```php
session_start();

if (!isset($_SESSION['user_id'])) {
    // Start defining the URL.
    $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    // Check for a trailing slash.
    if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\')) {
        $url = substr($url, 0, -1); // Chop off the slash.
    }
    // Add the page.
    $url .= '/index.php';
    ob_end_clean(); // Delete the buffer.
    header("Location: $url");
    exit(); // Quit the script.
} else { // Else, if logged in, run the script.
    if ((isset($_GET['id'])) && (is_numeric($_GET['id']))) {
        $id = (int) $_GET['id'];
    } elseif ((isset($_POST['id'])) && (is_numeric($_POST['id']))) {
        $id = (int) $_POST['id'];
    } else {
        echo 'No valid ID found, passed in url or form element';
        exit();
    }
    // $id is only checked for being numeric here; nothing ties it to
    // $_SESSION['user_id'], so any logged-in user can pass any id.
}
```

What am I doing wrong? Please help if you know how to correct this. Many thanks in advance.
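As an added example (not the poster's code), here is the ownership check the snippet above lacks: every query that takes an id also binds the logged-in user's id from the session in its WHERE clause, so a row belonging to someone else is simply never returned or deleted, whatever id is typed into the address bar. It assumes PHP 7.1+, a PDO connection in `$pdo`, a table `mystuff` with columns `id`, `user_id` and `title`, and the session key `user_id` the original snippet already uses; the table and column names are assumptions.

```php
<?php
// Added example: ownership-scoped access to a record.
// Assumes a PDO connection in $pdo and a table `mystuff` (id, user_id, title);
// the table/column names are assumptions, not from the original post.
session_start();

if (!isset($_SESSION['user_id'])) {
    header('Location: index.php');
    exit();
}

// Validate the shape of the id as before (GET or POST, digits only).
if (isset($_GET['id']) && ctype_digit((string) $_GET['id'])) {
    $id = (int) $_GET['id'];
} elseif (isset($_POST['id']) && ctype_digit((string) $_POST['id'])) {
    $id = (int) $_POST['id'];
} else {
    http_response_code(400);
    exit('No valid ID found');
}

$currentUser = (int) $_SESSION['user_id'];

/**
 * Load one record, but only if it belongs to the current user.
 * Returns null both when the id does not exist and when it belongs to
 * someone else, so the response does not reveal which ids exist.
 */
function loadOwnedRecord(PDO $pdo, int $id, int $userId): ?array
{
    $stmt = $pdo->prepare(
        'SELECT id, user_id, title FROM mystuff WHERE id = :id AND user_id = :uid'
    );
    $stmt->execute([':id' => $id, ':uid' => $userId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/**
 * Delete a record under the same ownership constraint; rowCount() tells
 * the caller whether a row was actually removed.
 */
function deleteOwnedRecord(PDO $pdo, int $id, int $userId): bool
{
    $stmt = $pdo->prepare('DELETE FROM mystuff WHERE id = :id AND user_id = :uid');
    $stmt->execute([':id' => $id, ':uid' => $userId]);
    return $stmt->rowCount() === 1;
}

$record = loadOwnedRecord($pdo, $id, $currentUser);
if ($record === null) {
    // Same response for "not yours" and "does not exist".
    http_response_code(404);
    exit('Not found');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['confirm_delete'])) {
    if (deleteOwnedRecord($pdo, $id, $currentUser)) {
        header('Location: index.php');
        exit();
    }
    http_response_code(404);
    exit('Not found');
}

echo 'Editing: ' . htmlspecialchars($record['title'], ENT_QUOTES, 'UTF-8');
```

The point is that the session, not the URL, decides which rows are reachable; the same `AND user_id = :uid` constraint belongs on every SELECT, UPDATE and DELETE that takes an id, including the ones on delete_mystuff.php.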
Hello
I am trying to work out how many regular users I have on my site and how long those users tend to stay users.
So, I have a table that logs every time a user visits my site and logs in; it stores the date/time as a Unix timestamp and it logs their user id.
I started by getting the IDs of any user who logs in more than 5 times in a specified period, but now I want to extend that...
```sql
SELECT userID AS user, COUNT(userID) AS logins
FROM login_history
WHERE timestamp > UNIX_TIMESTAMP('2014-06-01 00:00:00')
  AND timestamp < UNIX_TIMESTAMP('2014-07-01 00:00:00')
GROUP BY user
HAVING logins > 5;
```

Hello all, I have a social network site that has users. Each user has a profile and an id. Myself and two other people are admins and are granted access to certain pages via $admin = true. I have recently hashed everyone's passwords. I need to allow admins the ability to proxy a user, or log in as a different user, or become another user for moderation purposes. Via OOP there is $auth->id, which is the id of the person who is logged in (their user id), and $prof->id, which is another person's id I am looking at; meaning if I am looking at someone's profile, it is their user id. I am trying to figure out a simple page to create where, if $admin, you can type a desired id in an input box, press enter, and you are all of a sudden logged in as that id. Thanks in advance

I'm new, and ... I hate tutorials, books, anything that does not make you part of the deal. That's why I started by creating something and learning from my mistakes at the same time; I like this way of learning. So, while I'm building and trying things out, I started thinking: how does the server know the person with this link is really you? When you start just linking pages to each other, it's just a matter of finding out what the link is to do whatever you want with the users' personal pages! I know my questions are stupid, but I just hate to go and write lessons without any effort. I'm confused with the concept of SESSIONS and COOKIES. Are they the answer to this security problem? How can you work with them? I'm not asking for code, just general ideas about users and how they control their profiles and stuff with full security. I'll be very thankful if I get any answer ^^

Hi. My browser is telling me there are errors on line 3 and 4 for my code.
It says something like: Notice: HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are undefined. Below is the code; see if you can spot anything. By the way, I copied down the code from beginner PHP tutorial 66 if you type that into YouTube.

```php
<?php
// The notices come from reading array keys that are not set: a request only
// carries HTTP_CLIENT_IP / HTTP_X_FORWARDED_FOR when a client or proxy sent
// those headers, so test with isset() before reading them.
$http_client_ip       = isset($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : '';
$http_x_forwarded_for = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$remote_addr          = $_SERVER['REMOTE_ADDR'];

// Both headers are supplied by the client and can be set to any value;
// only REMOTE_ADDR is the address the server actually received the request from.
if (!empty($http_client_ip)) {
    $ip_addr = $http_client_ip;
} else if (!empty($http_x_forwarded_for)) {
    $ip_addr = $http_x_forwarded_for;
} else {
    $ip_addr = $remote_addr;
}
echo $ip_addr;
?>
```

Thanks

I would like to get the IP address of the user that is on the site. I used $ip = $_SERVER['REMOTE_ADDR']; and it doesn't show my actual IP. Is it because I'm using an Apache server on my computer?

I have used
```php
$sql = "SELECT id, username FROM $tbl_name ORDER BY username";
$result = $con->query($sql);
while ($row = $result->fetch_assoc()) {
    echo "<a href='editUser.php?id={$row['id']}'>{$row['username']}</a><br><br>\n";
    echo "<style>a {color: blue; text-decoration: none;} a:hover {color: #ff0000} body {background-color: #000;} </style>";
}
```

in euser.php, which echoes out all the users in the database via an anchor tag and includes their id in the URL. But when I click on their name I want to have options like: - change password - ban user etc., and I have tried

```php
$sql = "SELECT id FROM $tbl_name";
$result = $con->query($sql);
// This loops over every user, so it prints one link per row.
while ($row = $result->fetch_assoc()) {
    echo "<a href='editUser.php?id={$row['id']}'> Change Password </a>";
}
```

in my other page editUser.php. It posts Change Password Change Password Change Password, and each change password has the 3 ids of the users. This is confusing me.

Hi, I am having serious issues with compatibility with IE7 and below (and even 8, but they should be rectified). There is no way I can have these problems finished before the site is online, so I want to redirect users to a page apologizing and recommending alternative browsers. Is this possible? *Please don't reply just to tell me that banning an entire browser is bad, I know it is - I plan to sort it out. But this is an extra-curricular project and I'm halfway through my penultimate year of uni, so IE and its utterly shambolic rendering of CSS is not my priority. Thank you*

Hi guys, I'm just trying to work out an app in my head and on paper. I'm just wondering: when a user registers they can choose an avatar (100px by 100px JPG). When they upload one, would I then grab the file and store all avatars in an avatar image folder, renamed to something like avatar[user_id].jpg, and keep them all in the same folder?
Or would I create a folder called users, where each user gets their own folder with files like avatar.jpg, and it finds the [user_id] folder and pulls the avatar out from that? Or is there a more preferred method? Cheers

How can I list users from a table and show the results in a grid with different colours, e.g. the first in blue, the second in white, the third in blue, the fourth in white, etc.?
I do need to set a SELECT command, and I have the db name and IP in a file called dbconfig.php from wd calendar, so I just need to read the info.
PS: I can't post links, so search for wd calendar and see the dbconfig.php in the php folder.
Hi guys, I am trying to get an admin panel which, when the user is logged in, will check if their user access is (say, for this post) 9. If their access is 9 in the database then direct them to the admin panel; if not, return them home. Thanks guys

I am basically done with my entire site. I just realized... what happens if 10 users are trying to fwrite to one file at once? That is how I store my usernames, passwords, signatures and all that jazz. If users can't all fwrite at once my site is not going to work AT ALL, and I might just have to give up haha. Good news or bad news?

Hello. I have recently been building a user system and trying to code an "Online Users" script for it; however it is not working out for me, so I thought I'd come and ask here. I need a script that adds them to the table 'online' when they log in and then removes them when they log out. That part is simple to do; however I am using sessions and I am trying to figure out a way to check if they are inactive, like every 10 minutes, and if they are, delete their row from the db. It'd be appreciated if someone could set up a code for this.

I need to know how I can check a user's level in my login.php page. It works; I have
```php
// login.php
// Note: $username and $password are interpolated straight into the query and the
// password is compared in plain text; that is the poster's original approach.
$sql = "SELECT * FROM $tbl_name WHERE username = '$username' AND password='$password'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$row = mysql_fetch_assoc($result);
$user_level = $row['user_level'];

if ($count == 1) {
    $_SESSION['loggedIn'] = true;
    // Keep the level in the session so other pages can read it
    // without re-running the login query.
    $_SESSION['user_level'] = $user_level;
    if ($user_level == 1) {
        header("Location: admin.php");
    } else if ($user_level == -1) {
        header("Location: banned.php");
    } else {
        header("Location: index.php");
    }
    session_write_close();
    exit(); // Stop here so nothing after the redirect runs.
} else {
    echo "The username or password you entered is incorrect!";
}
```

but I need to know how to check it in another file, because it is not working. I am trying to add it to admin.php to check the user's level, and if they are not admin then echo "you are not admin" <-- it says that; although the user is an administrator, it is saying they are not. This is what I have in admin.php:

```php
<?php
require 'connect.php';
session_start();

if (!isset($_SESSION['loggedIn'])) {
    echo "You are not currently logged in and to view this page you must be logged in to have access. <a href='login.php'> You can login here </a>";
    die();
}

// The original re-ran the login query here, but $username and $password are
// not defined on this page, so the query matched nothing and $row['user_level']
// was always empty. Read the level that login.php stored in the session instead.
$user_level = isset($_SESSION['user_level']) ? $_SESSION['user_level'] : 0;

if ($user_level == 1) {
    // DO NOTHING
} else {
    echo "You're not an administrator so you are denied access to this page.";
    die();
}
?>
```

I have a bunch of users in a database (id, name, etc).
I have a bunch of documents which belong to users (id, filename, users_id, etc), and expect 500 or less per user.
The documents will be renamed to the document_id, and X-Sendfile (since they are stored under the document root) will be used to retrieve them and a header will be used to return them to their original name.
Is it recommended to make a separate folder for each user and store each individual user's documents in that folder, or create one folder for all documents?
If I go with the one-folder approach, I will need some method for keeping the total files per folder below some reasonable limit (1,000?). My thought is to estimate the maximum potential number of folders, and create subfolders under the main document folder. I will likely hash the ID, and use the first character to create the first subfolder, the second character to create a second subfolder in the first subfolder, and continue as long as needed to accommodate the maximum potential documents (if there are 1,000,000 potential folders, then three levels will keep the maximum per folder under 244).
Please provide a rationale for one approach over the other.
Thank you
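Added example (not the poster's code) of the hashed-subfolder layout described in the post above: the document id is hashed, one hex character of the digest per level picks the subfolders, and the file is stored under a base directory; the download side looks the document up with the owner's id bound into the query and then hands the path to the web server with X-Sendfile, restoring the original name through Content-Disposition. The base directory, the depth of 3, the `documents(id, filename, users_id)` table shape and the use of mod_xsendfile are assumptions.

```php
<?php
// Added example: sharded storage for per-document files plus an X-Sendfile download.
// Assumptions: files live under $baseDir (outside the web root is the safer choice),
// the documents table has (id, filename, users_id), and mod_xsendfile is enabled.

/**
 * Build the storage path for a document id: hash the id, use one hex
 * character per directory level, then the id itself as the file name.
 * With 3 levels that is 16^3 = 4096 leaf directories, so a million
 * documents average about 244 per directory, matching the estimate above.
 */
function documentPath(string $baseDir, int $documentId, int $shardDepth = 3): string
{
    $hash = sha1((string) $documentId);
    $parts = [];
    for ($i = 0; $i < $shardDepth; $i++) {
        $parts[] = $hash[$i];
    }
    return rtrim($baseDir, '/') . '/' . implode('/', $parts) . '/' . $documentId;
}

/** Move an uploaded file into its sharded location, creating directories as needed. */
function storeDocument(string $baseDir, int $documentId, string $tmpUploadPath): string
{
    $target = documentPath($baseDir, $documentId);
    $dir = dirname($target);
    if (!is_dir($dir) && !mkdir($dir, 0750, true) && !is_dir($dir)) {
        throw new RuntimeException("cannot create $dir");
    }
    if (!move_uploaded_file($tmpUploadPath, $target)) {
        throw new RuntimeException("cannot store document $documentId");
    }
    return $target;
}

/**
 * Serve a document to its owner. The ownership check is done in SQL by
 * binding the session user id, so a document belonging to another user
 * is not found at all.
 */
function sendDocument(PDO $pdo, string $baseDir, int $documentId, int $userId): void
{
    $stmt = $pdo->prepare(
        'SELECT id, filename FROM documents WHERE id = :id AND users_id = :uid'
    );
    $stmt->execute([':id' => $documentId, ':uid' => $userId]);
    $doc = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($doc === false) {
        http_response_code(404);
        exit('Not found');
    }
    // Keep only characters that cannot break the header or smuggle a path.
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($doc['filename']));
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $safeName . '"');
    header('X-Sendfile: ' . documentPath($baseDir, (int) $doc['id']));
    exit();
}

// Usage (constructed values): a download page would call
//   sendDocument($pdo, '/srv/app/documents', (int) $_GET['id'], (int) $_SESSION['user_id']);
// and an upload handler
//   storeDocument('/srv/app/documents', $newDocumentId, $_FILES['doc']['tmp_name']);
```

Because the on-disk name is the numeric id and the path is derived from it, nothing the user supplies ever becomes part of a filesystem path; the original filename is only used, sanitized, in the response header.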
Was just wondering if it's okay to make simple donations to other users on the forum. Just out of generosity.
If true, if I want to make a donation to a specific user how would I go about doing it? Just pm them asking for their paypal?
Hey sup guys, I need help implementing a top 10 users script into index.php. I got a screenshot of where it needs to go. I need to implement it so it's inside the grey container as in the picture. Here is the PHP for the top 10 users:

```php
<span style="float:right;">
<table width="200">
<tr><td colspan="2" align="center">TOP 10 USERS</td></tr>
<tr><td align="left"><b>Username</b></td><td align="left"><b>Points</b></td></tr>
<?php
// Expects $result4 (the top-10 query result) and $num (its row count) to be set earlier.
$i = 0;
if ($num > 0) {
    while ($i < $num) {
        $username6 = mysql_result($result4, $i, "username");
        $points6 = mysql_result($result4, $i, "points");
        $i++;
        // Escape the values so a username containing markup cannot alter the page.
        echo "<tr><td>" . htmlspecialchars($username6) . "</td><td>" . htmlspecialchars($points6) . "</td></tr>";
    }
}
?>
</table>
</span>
```

Here is the image file for the graphic:

```html
<table width="165" height="236" bgcolor="#FFFFFF" td background="images/tablebg.png" >
```

And here is the index.php:

```php
<?
session_start();
include_once "config.php";
if (isset($_POST['login'])) {
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
    if ($username == NULL OR $password == NULL) {
        $final_report .= "Please complete both fields";
    } else {
        // Note: $username goes straight into the query and the password is compared in plain text.
        $check_user_data = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error());
        if (mysql_num_rows($check_user_data) == 0) {
            $final_report .= "This username does not exist";
        } else {
            $get_user_data = mysql_fetch_array($check_user_data);
            if ($get_user_data['password'] == $password) {
                $start_idsess = $_SESSION['username'] = "" . $get_user_data['username'] . "";
                $start_passsess = $_SESSION['password'] = "" . $get_user_data['password'] . "";
                $final_report .= "<meta http-equiv='Refresh' content='0; URL=members.php'/>";
            }
        }
    }
}
if (isset($_SESSION['username']) && isset($_SESSION['password'])) {
    header("Location: members.php");
}
?>
<?php include("includes.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo $title ?> | #1 Spot for Free Paid Surveys</title>
<link rel="shortcut icon" href="favicon.ico" >
<link rel="icon" type="image/gif" href="animated_favicon1.gif" >
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="Get free vouchers for online stores such as Amazon, ASOS, iTunes and more. It takes a few seconds to get started. Register now to start shopping for free." />
<link rel="stylesheet" href="style.css" type="text/css" />
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<script type="text/javascript" src="js/dimensions.min.js"></script>
<script type="text/javascript" src="js/func.js"></script>
<script type="text/javascript" src="js/SHA1.js"></script>
<script>var _wau = _wau || []; _wau.push(["tab", "72vlo7dmnb8j", "w12", "bottom-center"]);(function() { var s=document.createElement("script"); s.async=true; document.getElementsByTagName("head")[0].appendChild(s);})();</script>
<style>
#logoPart { background:#000; height:90px;}
#bannerTD { width:900px; height:85px; background-color:#333; background-repeat: no-repeat;}
#bannerTD #bannerContainer { width:900px; height:325px; text-align:center;}
#bannerTD #bannerContainerCover { width:900px; height:325px; text-align:center;}
#bannerTD #bannerBody { height:245px; text-align:center;}
#bannerTD #bannerFooter { position: relative; background:#000; height:80px; display:none; width:900px; top: -39px; /* 1x the distance of the footer used to be 78 */ }
#bannerTD #bannerFooterNav { position: relative; border: 1px solid grey; top: -117px; /* 2x the distance of the footer used to be 156*/ }
.footerCell{ padding:5px; text-align:left; border:0px #F90 solid;}
.footerCell .footerTitle {font-family:tahoma, arial; font-size:11px; color:#fff; font-weight: bold;}
.footerCell .footerDesc {font-family:tahoma, arial; font-size:11px; color:#efefef;}
.footerCell ul {list-style: none; margin: 2px; margin-left: 75px; padding-left: 10px;}
.footerCell ul li {margin: 2px; line-height: 13px; padding: 0;}
.footerLink {text-align: right;}
.footerCell .imgDiv{ position:relative; float:left; width:80px; height:65px; margin: 2px 1px 0px 1px;}
.bttnMore {width:57px; height:19px; float: right;}
.bttnMore a{display: block; background:url(images/welcome-banner/gen/bttn_more_small.png) 0 0 no-repeat; line-height: 19px; text-decoration: none;}
.imgBgDiv_i { width:82px; height:67px; //background: url(images/welcome-banner/gen/thumbBgBordered.png) 0 0 no-repeat; padding: 0; float:left; }
</style>
</head>
<body>
<body id="exterior">
<div id="body-bg"> </div>
<div id="container">
<div id="header">
<a href="index.php<?php echo $referral_string?>"> <div id="logo"> </div></a><!--end of logo-->
<div id="updates"> <span> </span> </div><!--end of updates-->
<div id="login">
<div id="loginwelcome">
<?php if(!isset($_SESSION['username']) || !isset($_SESSION['password'])){ ?>
<?php if($final_report !=""){?> <font color="red"><? echo $final_report;?></font> <?php }else { ?>Welcome Guest, not a member? <a href="register.php<?php echo $referral_string?>"><b>Register Now!</b></a> <?php } ?>
</div><!--end of loginwelcome-->
<form action="" method="post">
<p>
<input type="text" title="username" name="username" class="username" value="Username" onclick="if ( value == 'Username' ) { value = ''; }"/>
<input name="password" type="password" class="password" title="password" value="Password" onclick="if ( value == 'Password' ) { value = ''; }"/>
<input type="Submit" name="login" class="submit" value="login" tabindex="3" />
</p>
</form>
</div><!--end of login-->
<?php } ?>
<?php if(isset($_SESSION['username']) && isset($_SESSION['password'])){ ?>
<table>
<tr> <td> Welcome <b><?php echo $membername ?></b> </td> </tr>
<tr> <td align="right" width="310"> Total Points: <b><?php echo $memberpoints ?></b><br>
<?php if ($pointsneeded<=0){ ?> You can now request a reward!<?php }else { ?> Points Needed: <b><?php echo $pointsneeded ?> <?php } ?> </b><br>
</td> </tr>
</table>
</div> <!--end of header-->
<?php } ?>
<div id="navigation">
<?php if(isset($_SESSION['username']) && isset($_SESSION['password'])){ ?>
<table id="navi-items">
<tr><td>
<div class="navi-item navi-item-selected"> <div class="navi-heading navi-heading-selected"> <a href="index.php"><img src="images/home.png" alt="Home" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="vouchers.php"><img src="images/rewards.png" alt="Rewards" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="testimonials.php"><img src="images/testimonials.png" alt="Testimonials" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="terms.php"><img src="images/terms.png" alt="Terms" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="help.php"><img src="images/help.png" alt="Help" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="contact.php"><img src="images/contact-us.png" alt="Contact Us" /></a> </div> </div>
</td></tr>
</table>
<?php }else { ?>
<table id="navi-items">
<tr><td>
<div class="navi-item navi-item-selected"> <div class="navi-heading navi-heading-selected"> <a href="index.php"><img src="images/home.png" alt="Home" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="vouchers.php"><img src="images/rewards.png" alt="Rewards" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="testimonials.php"><img src="images/testimonials.png" alt="Testimonials" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="terms.php"><img src="images/terms.png" alt="Terms" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="help.php"><img src="images/help.png" alt="Help" /></a> </div> </div>
<div class="navi-spacer"></div>
<div class="navi-item"> <div class="navi-heading"> <a href="contact.php"><img src="images/contact-us.png" alt="Contact Us" /></a> </div> </div>
</td></tr>
</table>
<?php } ?>
</div><!--end of navigation-->
<!-- ______________________ BANNER ___________________-->
<tr><td id="bannerTD">
<div id="bannerContainer"> <div id="bannerBody"> <br /><img src="images/banner.png" border="0" alt="Banner" /> </div> </div>
<a href="register.php"><img src="images/signup.png" /></a> <a href="points.php"><img src="images/earn.png" /></a> <a href="vouchers.php"><img src="images/get.png" /></a>
</td></tr>
<!-- ______________________ /BANNER ___________________-->
<div id="contents-top"></div>
<div id="contents">
<div class="content-block">
<h1>How does <?php echo $title?> work?</h1><br><br>
<a href="register.php<?php echo $referral_string?>"><center><img src="images/step1.png" border="0"><img src="images/step1a.png" border="0"></a><a href="points.php<?php echo $referral_string?>"><img src="images/step2.png" border="0"><img src="images/step2a.png" border="0"><a href="vouchers.php<?php echo $referral_string?>"><img src="images/step3.png" border="0"></center></a>
<br> <br>
<p> It's easy to use your free time to earn <a href="vouchers.php<?php echo $referral_string?>"><b>rewards</b></a>. While you certainly won't get rich quick or instantly win prizes, if you put in a bit of effort you can earn whatever you want! You can redeem points for online goods or for vouchers such as Amazon, iTunes, ASOS and Xbox Live, the choice is yours. <br><br> While you learn about new products, share information about yourself, or sign up for online services, you earn points. While MOST OFFERS ARE FREE, you will also find cashback shopping and paid/trial offers - a great way to get a deal on your online purchases! <br><br> </p>
<h1>Just 3 steps to success!</h1>
<p><br> 1. <b>Register:</b> The sign up process takes about 10 seconds, and we'll even give you <font color=#fcbc0c><b><?php echo $bonuspoints ?> FREE BONUS POINTS</b></font> when you <a href="register.php<?php echo $referral_string?>"><b>register</b></a>.<br><br>
2. <b>Earn points:</b> To be able to offer our users FREE gift vouchers to use at online stores such as Amazon and ASOS, you need to earn points. Earning these points are FREE, and you just need to complete a few surveys to get enough points to claim a free voucher. You can also earn points by signing up to some trial offers, but we recommend you stick to the free surveys for now.<br><br>
3. <b>Get Rewards:</b> Once you have earned <?php echo $mainpointsneeded ?> points on <?php echo $title?> you can swap them for REAL products or vouchers, which can be used at online stores/communities. Basically, you can request ANY product or voucher, as long as we can buy it online and send to you via email or shipping. On top of this, if you wish to have something custom ordered, feel free to tell us something what it is and we can always help you out! The rewards you can receive are endless........ </p>
<h1>What are points worth?</h1>
<p> <br> 10 points = $1.00/£0.50<br> 50 points = $5.00/£2.50<br> 100 points = $10.00/£5.00<br> 200 points = $20.00/£10.00 <br><br> You need <?php echo $mainpointsneeded ?> points before you can redeem them for <a href="vouchers.php<?php echo $referral_string?>">rewards</a>. <br> </p>
<h1>How do I know Simple Rewards is legit?</h1>
<p>There's no doubt that in today's world fake companies are everywhere. So how do you know Simple Rewards is, in fact, legit? To start, Simple Rewards has already paid out over $10,000 in the last month. This shows not only that we are a legitimate business but also that we are a very active one. If you would like to see more proof of our legitimacy, feel free to check out our <a href="testimonials.php">Testimonials </a> section and read some of the latest testimonials written by Simple Rewards users! </p>
<br />
<h1>Reward Ideas</h1>
<p> <br /> <img src="images/ps3.png"> <img src="images/giftcards.png"> <img src="images/ipodtouch.png"> </p>
<p><center> <p><a href="index.php"><img src="images/largebanner.gif" /><hr width="75%"> <script type=text/javascript language=JavaScript src=http://www.linkreferral.com/networkads2.pl?refid=341046&height=1&width=3&category=money making opportunities&subcategory=services ></script></a></p> </center></p>
</div><!--end of contentblock-->
</div><!--end of contents-->
<div id="contents-bottom"></div>
</div><!--end of container-->
</div>
<?php include("footer.php");?>
```

I need to know how to allow admin to essentially be "all users", in other words, edit everyone's profile and not just their own. Tell me what code would be helpful and I will send it on in. By the way, I do have a script that allows members to edit their own profile.

Hey guys.
So I'm about to start developing a private messaging system for a CMS that I already have set up and working fine, and I had a problem I would like to solve before I start. I would like to add a feature that allows users to send the message to one or more users at a time. Whether it be by typing in the different usernames separated by commas in the input field or another method, I have no idea how I'd handle submitting this into the database. I don't want it to be like a group conversation, though; I want it to submit the message separately for each user they included in the recipients field. Any suggestions on how to go about doing this? I gather it'd be like an array of some sort, but I have very little experience with arrays from forms and how to separate them.

I have a jobs portal where registered users post new jobs searches.
This weekly newsletter will send all the jobs posted on the site (in a week) to the registered users, but in a more personalized way: for example, posted jobs looking for designers should be sent to users registered as designers.
What is the best way to do this? Any recommendations? Thanks in advance.
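Added example (not the poster's code) of one way to do the personalized weekly digest asked about above: a single query joins the week's jobs to users on the category column, the rows are grouped into one digest per user, and each digest is rendered as a plain-text body that a mail step can send. It assumes tables `jobs(id, title, category, posted_at)` and `users(id, email, category)`; those names, and matching on a single category per user, are assumptions.

```php
<?php
// Added example: build per-user job digests for the past week.
// Assumes tables jobs(id, title, category, posted_at) and users(id, email, category);
// the column names and the single-category match are assumptions.

/** One week of jobs, joined to the users whose registered category matches. */
const DIGEST_SQL = '
    SELECT u.id AS user_id, u.email, j.id AS job_id, j.title, j.category
    FROM users u
    JOIN jobs j ON j.category = u.category
    WHERE j.posted_at >= :since
    ORDER BY u.id, j.posted_at DESC';

/** Run DIGEST_SQL for jobs posted since the given Unix timestamp. */
function fetchDigestRows(PDO $pdo, int $since): array
{
    $stmt = $pdo->prepare(DIGEST_SQL);
    $stmt->execute([':since' => $since]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

/**
 * Group the joined rows into one digest per user.
 * Returns [user_id => ['email' => ..., 'jobs' => [[job_id, title, category], ...]]].
 */
function buildDigests(array $rows): array
{
    $digests = [];
    foreach ($rows as $r) {
        $uid = (int) $r['user_id'];
        if (!isset($digests[$uid])) {
            $digests[$uid] = ['email' => $r['email'], 'jobs' => []];
        }
        $digests[$uid]['jobs'][] = [
            'job_id'   => (int) $r['job_id'],
            'title'    => $r['title'],
            'category' => $r['category'],
        ];
    }
    return $digests;
}

/** Render a plain-text mail body for one digest (no HTML, so no escaping is needed). */
function renderDigest(array $digest): string
{
    $lines = ['Jobs posted this week in your category:'];
    foreach ($digest['jobs'] as $job) {
        $lines[] = sprintf('- [%d] %s (%s)', $job['job_id'], $job['title'], $job['category']);
    }
    return implode("\n", $lines) . "\n";
}

// Constructed sample rows, standing in for fetchDigestRows($pdo, strtotime('-7 days')).
$sampleRows = [
    ['user_id' => 1, 'email' => 'a@example.com', 'job_id' => 10, 'title' => 'UI designer',    'category' => 'designer'],
    ['user_id' => 1, 'email' => 'a@example.com', 'job_id' => 12, 'title' => 'Brand designer', 'category' => 'designer'],
    ['user_id' => 2, 'email' => 'b@example.com', 'job_id' => 11, 'title' => 'PHP developer',  'category' => 'developer'],
];

foreach (buildDigests($sampleRows) as $digest) {
    // In the weekly job this would be mail($digest['email'], 'Weekly jobs', renderDigest($digest));
    echo $digest['email'], ":\n", renderDigest($digest), "\n";
}
```

If users can register for several categories, the join moves to a `users_categories(user_id, category)` table and the rest of the grouping stays the same; the digest is still built from one query per run rather than one query per user.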