PHP - Why Will Only Disable Users Work In My Code?

I just discovered that I have a major security flaw with my website.
Anyone who logs in to the website can easily access other users information as well as delete and edit other users information just by changing the ID variable in the address bar.
I have user ID Session started on these pages but still people can do anything they like with other users information just by editing the address bar.
For example if your logged in in the address bar of www.mywebsite.com/delete_mystuff.php?id=5 and change the "5" say to a "9" then you will have access to user#9 information.

Every important page that I have has this code:
Code: [Select]
 session_start();

if (!isset($_SESSION['user_id'])) {
// Start defining the URL.
         $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
         if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
         $url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
                //Else If Logged In Run The Script

if((isset($_GET['id'])) && (is_numeric($_GET['id']))) {
         $id = (int) $_GET['id'];
} elseif ((isset($_POST['id'])) && (is_numeric($_POST['id']))) {
         $id = (int) $_POST['id'];
} else {
         echo ' No valid ID found, passed in url or form element';
        
         exit();
}



What am I doing wrong?
Please help if you know how to correct this.

Many thanks in advance.

I have a mysql table which will store users email addresses (each is unique and is the primary field) and a timestamp. 
I have added another column called `'unique_code' (varchar(64), utf8_unicode_ci)`.

What I would very much appreciate assistance with is;

a) Generating a 5 digit alphanumeric code, ie: 5ABH6 
b) Check all rows the 'unique_code' column to ensure it is unique, otherwise re-generate and check again 
c) Insert the uniquely generated 5 digit alphanumeric code into `'unique_code'` column, corresponding to the email address just entered. 
d) display the code on screen.

What code must I put and where?


**My current php is as follows:**

Code: [Select]
    require "includes/connect.php";
   
    $msg = '';
   
    if($_POST['email']){
   
    // Requested with AJAX:
    $ajax = ($_SERVER['HTTP_X_REQUESTED_WITH']  == 'XMLHttpRequest');
   
    try{
    if(!filter_input(INPUT_POST,'email',FILTER_VALIDATE_EMAIL)){
    throw new Exception('Invalid Email!');
    }
   
    $mysqli->query("INSERT INTO coming_soon_emails
    SET email='".$mysqli->real_escape_string($_POST['email'])."'");
   
    if($mysqli->affected_rows != 1){
    throw new Exception('You are already on the notification list.');
    }
   
    if($ajax){
    die('{"status":1}');
    }
   
    $msg = "Thank you!";
   
    }
    catch (Exception $e){
   
    if($ajax){
    die(json_encode(array('error'=>$e->getMessage())));
    }
   
    $msg = $e->getMessage();
    }
    }

Hi,

I'm creating a chat-box application and I'm trying to add IP bans, where the php code checks if the user is banned or not and then insert the chat, but even if the IP address is banned it will still insert the chat.


Code: [Select]
$ipsql = mysql_query("SELECT * FROM bans WHERE ip='$user_ip'" or die (mysql_error()));
$bancheck = mysql_num_rows($ipsql);
if($bancheck <= 0){
$sql = mysql_query("INSERT INTO chats (user_ip, user_name, chat_body, date_time)
        VALUES('$user_ip','$user_name','$chat_body',now())") 
        or die (mysql_error());
}

 
Thanks,
Soccerjunki

I have this code that changes an image on the hour, of a random hour and stays changed for 2 minutes, regardless of refreshes etc etc, and it has to be the exact same hour and 2 minutes for everyone. I know at the minute it is going to change at 4pm, it is only for testing purposes, I am doind the random time bit later.

<?php
$minute = date(i);
$hour = 16;
if ($hour == date(H) && $minute < 3)
  $buttonimage = "buttonon.png";
else
  $buttonimage = "buttonoff.png";
?>
<table width="200" border="1">
  <tr>
    <td><img src="<?php echo($buttonimage); ?>" /></td>
  </tr>
</table>

I am trying to work out why the answer to a PHP quiz question is what it is.

The code below prints out: b,c,A,B,C,

I just can't seem to get my head round how it works, would anyone be able to talk me through it quickly?

Code:

Code: [Select]
<?php

class Magic {
public $a = "A";
protected $b = array("a" => "A", "b" => "B", "c" => "C");
protected $c = array (1,2,3);



public function __get($V) {
echo "$V,";
return $this->b[$V];

}


public function __set($var, $val) {

echo "$var: $val,";
echo $this->$var = $val;

}

}

$m = new Magic();

echo $m->a . "," . $m->b . "," . $m->c . ",";


?>

I have the following code is a included file on my main page

Code: [Select]

class usersOnline {

var $timeout = 600;
var $count = 0;
var $error;
var $i = 0;

function usersOnline () {
$this->timestamp = time();
$this->ip = $this->ipCheck();
$this->new_user();
$this->delete_user();
$this->count_users();
$this->browser = $this->useragentbrowser();
$this->os = $this->useragentos();
}


// start user
function useragentbrowser(){

$agent = getenv('HTTP_USER_AGENT');
$browserArray = array(
        'Windows Mobile' => 'IEMobile',
'Android Mobile' => 'Android',
'iPhone Mobile' => 'iPhone',
'Firefox' => 'Firefox',
        'Google Chrome' => 'Chrome',
        'Internet Explorer' => 'MSIE',
        'Opera' => 'Opera',
        'Safari' => 'Safari'
);
foreach ($browserArray as $k => $v) {

    if (preg_match("/$v/", $agent)) {
         break;
    } else {
$k = "Browser Unknown";
    }
}
$browser = $k;
return $browser;

}

function useragentos(){
$agent = getenv('HTTP_USER_AGENT');
$osArray = array(
        'Windows 98' => '(Win98)|(Windows 98)',
        'Windows 2000' => '(Windows 2000)|(Windows NT 5.0)',
'Windows ME' => 'Windows ME',
        'Windows XP' => '(Windows XP)|(Windows NT 5.1)',
        'Windows Vista' => 'Windows NT 6.0',
        'Windows 7' => '(Windows NT 6.1)|(Windows NT 7.0)',
        'Windows NT 4.0' => '(WinNT)|(Windows NT 4.0)|(WinNT4.0)|(Windows NT)',
'Linux' => '(X11)|(Linux)',
'Mac OS' => '(Mac_PowerPC)|(Macintosh)|(Mac OS)'
);
foreach ($osArray as $k => $v) {

    if (preg_match("/$v/", $agent)) {
         break;
    } else {
$k = "Unknown OS";
    }
}
$os = $k;

return $os;

}



// end user


function ipCheck() {

if (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
}
elseif (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
}
elseif (getenv('HTTP_X_FORWARDED')) {
$ip = getenv('HTTP_X_FORWARDED');
}
elseif (getenv('HTTP_FORWARDED_FOR')) {
$ip = getenv('HTTP_FORWARDED_FOR');
}
elseif (getenv('HTTP_FORWARDED')) {
$ip = getenv('HTTP_FORWARDED');
}
else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}

function new_user() {
$insert = mysql_query ("INSERT INTO ******(timestamp, ip, browser, os) VALUES ('$this->timestamp', '$this->ip', '$this->browser', '$this->os')");
if (!$insert) {
$this->error[$this->i] = "Unable to record new visitor\r\n";
$this->i ++;
}
}

function delete_user() {
$delete = mysql_query ("DELETE FROM ***** WHERE timestamp < ($this->timestamp - $this->timeout)");
if (!$delete) {
$this->error[$this->i] = "Unable to delete visitors";
$this->i ++;
}
}

function count_users() {
if (count($this->error) == 0) {
$count = mysql_num_rows ( mysql_query("SELECT DISTINCT ip FROM *******"));
return $count;
}
}

}


The problem I have is that $browser and $os are not being inserted into the db, but everything else is.

Can anyone help?

Thanks James

Hi,

I am having difficulties with the login section on a website.

I have tried to update the old funtion names which have been deprecated, but when I do this the login will not work.

This is the log.php file, (this is required by index.php on the restricted directory to access the page).

Code: [Select]

<?php session_start(); ?>


<?php

 $hostname = "..";
 $username = "..";
 $password = "..";
 $database = "..";

 $link = MYSQL_CONNECT($hostname,$username,$password);
 
 mysql_select_db($database); 
?>

<?php

if($_GET['action'] == "login") {
$conn = mysql_connect("..","..","..);
$db = mysql_select_db(".."); //Your database name goes in this field.
$name = $_POST['user'];
$ip=$_SERVER['REMOTE_ADDR'];
$var = mysql_real_escape_string($var);
$country = file_get_contents('http://stonito.com/script/geoip/?ip='.$ip);
$q_user = mysql_query("SELECT * FROM customer WHERE username='$name'");

?>

<?php
               $insert_query = ("INSERT INTO login(username, ip, country) VALUES ('$name','$ip','$country');");
               mysql_query($insert_query) or die('Error, insert query failed');

?>

<?php
if(mysql_num_rows($q_user) == 1) {

$query = mysql_query("SELECT * FROM customer WHERE username='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {
session_register("name");
header("Location: ../index.php?un=$name"); // This is the page that you want to open if the user successfully logs in to your website.
exit;
} else {
header("Location: ..");
exit;
}
} else {
header("Location: ..");
exit;
}
}

// if the session is not registered
if(session_is_registered("name") == false) {
header("Location: login.php");
}



?>

The two old code parts. causing the problems are  session_register("name"); session_is_registered .  When I change update elements in the code block shown below, it will not work.

Can anyone tell me why please?



Code: [Select]
<?php
if(mysql_num_rows($q_user) == 1) {

$query = mysql_query("SELECT * FROM customer WHERE username='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {
$_SESSION['name'];
header("Location: ../download/index.php?un=$name"); // This is the page that you want to open if the user successfully logs in to your website.
exit;
} else {
header("Location: ..");
exit;
}
} else {
header("Location: ..");
exit;
}
}

if(!isset($_SESSION['name'])) {
header("Location: http://www.myurl.com");
}




Any help would be very gratefully received.

I have this little code that I cannot get to work
Code: [Select]
$sql_buildings = ("SELECT castle, treasury, huts, [b]leader_id[/b] FROM teams WHERE team_id=[b]".$_GET['t']." [/b]");
$rsbuildings = mysql_query($sql_buildings);

if($rsbuildings[".$_GET['t']."] == 'leader_id' ){
The problem is this part:
Code: [Select]
if($rsbuildings[[b]".$_GET['t']."[/b]] == '[b]leader_id[/b]' ){
How can I write it to have these to values work?

Hi, guys. I'm have a website setup on my localhost. It's not yet LIVE. However, i'm setting up a cron job to work with the code below. Will this code work fine?


$sql = "SELECT * FROM users WHERE subscription <> 0";
$result = mysql_query($sql);
if(mysql_num_rows($result))
{
while($row = mysql_fetch_assoc($result)){
$subscription = $row['subscription'] - 1;
$sql = "UPDATE users SET subscription = '$subscription' WHERE subscription <> 0";
$result=mysql_query($sql) or die(mysql_error());
}
}
$query = "SELECT * FROM users WHERE subscription = 0";
$update = mysql_query($query);
if(mysql_num_rows($update))
{
while($row1 = mysql_fetch_assoc($update)){
$subscription = 0;
$query = "UPDATE users SET disable = 1 WHERE subscription = '$subscription'";
$update=mysql_query($query) or die(mysql_error());
}
}


Also, how will i have to write the cron job to meet the needs of this script and update it at 12am every day?

Hi everybody!

I'm creating a site and none of my php-code works.

I tried to do a simple php-code to test it but it doesn't work either.

The simple php-code:
<?php

echo "hello";

?>

Guys i wrote one pinging script but i don't know it works or not... Someone help me about it works or not?
<?php
 site1("http://site.com/sitemap.xml");
 site2("http://site2.com/sitemap.xml");
 
function site1($url){
@file_get_contents("http://www.google.com/webmasters/tools/ping?sitemap=" . $url);
@file_get_contents("http://search.yahooapis.com/SiteExplorerService/V1/updateNotification?appid=YahooDemo&amp;url=" . $url);
@file_get_contents("http://www.bing.com/webmaster/ping.aspx?siteMap=" . $url);
@file_get_contents("http://submissions.ask.com/ping?sitemap=" . $url);
}
Print "Pinging1 success";

function site2($url){
@file_get_contents("http://www.google.com/webmasters/tools/ping?sitemap=" . $url);
@file_get_contents("http://search.yahooapis.com/SiteExplorerService/V1/updateNotification?appid=YahooDemo&amp;url=" . $url);
@file_get_contents("http://www.bing.com/webmaster/ping.aspx?siteMap=" . $url);
@file_get_contents("http://submissions.ask.com/ping?sitemap=" . $url);
}
Print "<br>Pinging2 success";
?>

Code: [Select]
<?php
require "global.php";

if ($_POST)
{
$name = $_POST['name'];
$data = sprintf("INSERT INTO forums VALUES (DEFAULT,'$name')");
mysql_query($data);
$fid = mysql_insert_id();
header( 'Location: viewforum.php?fid='.$fid);
exit;
}

echo '
<form action="" method="POST">
<table>
<tr><td>Forum Name: </td><td><input name="name" /></td></tr>
</table>
<input type="submit" value=" Add Forum " />
</form>';
?>
This added forums whenever I made one to my MySQL database in the table "forums"
For whatever reason, whenever I make a forum, it makes it end in ".php?fid=0" and does not create the forum on the database.

Any ideas?  Thanks!

Hello

I am getting the following error when accessing this page... test.php

Code: [Select]
<?php
$url = "http://www.howtogeek.com";

$str = file_get_contents($url);

function get_url_contents($url){
        $crl = curl_init();
        $timeout = 5;
        curl_setopt ($crl, CURLOPT_URL,$url);
        curl_setopt ($crl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt ($crl, CURLOPT_CONNECTTIMEOUT, $timeout);
        $ret = curl_exec($crl);
        curl_close($crl);
        return $ret;
}
?>
Easy right??? I am getting the following error.
Code: [Select]
Parse error: syntax error, unexpected ':' in /home/username/public_html/tools/crawler/test.php on line 2

The above example code was taken from How To Geek.
http://www.howtogeek.com/howto/programming/php-get-the-contents-of-a-web-page-rss-feed-or-xml-file-into-a-string-variable/

I have tried single quotes, removed the http:// part, a few other small things but I just don't understand. Can anyone shed some light on it? Thanks!
 

Hello;

I'm new to php and to programming in general, but i want to do a little app to help a process on my work, you know, just being pro-active (hoping it doesnt come and byte me in the a** in the future, you know.. "you did it now our life depend on it and you fix it right now!!).

So.. I have this really simple piece of code, but its not working and i cant figure out why. I'm trying to use echo to print a couple of link but when i put in the second line everything messes up. the code is:

(note the "test lines" i just added them to try to understand what is doing)

<?php
$client = $_GET['client'];
echo "Client " . $client . "<br />";
echo "test line 1";
echo "<a href=\"link1.php?client=".$client.">Link 1</a><br>";
echo "test line 2";
echo "test line 3";
echo "<a href=\"link2.php?client=".$client.">Link 2</a><br>";
?>

When i open the page on firefox i get:
===
Client myclient
test line 1Link 2
===
Where the link (underlined) text is "Link 2" but the it points to something totally different (a mix of the rest of the code).

If I remove the second link, like he

<?php
$client = $_GET['client'];
echo "Client " . $client . "<br />";
echo "test line 1";
echo "<a href=\"link1.php?client=".$client.">Link 1</a><br>";
echo "test line 2";
echo "test line 3";
?>

I get what i'd expect:
===
Client myclient
test line 1Link 1
test line 2test line 3
===

Im totally lost, im not sure if its a browser issue, a server issue or just the code

My setup:
WAMP 2.1 (Apache)
I'm opening the "site" with Firefox 3.6.15 and IE6, both show the same result
Windows XP (dont know if it matters)
The file is saved as php
tried changing "echo" with "print", same result
Umm.. thats it...

Please let me know if you need any more info

Thanks everyone

edit: typo on subject
edit: yet another typo