Login script

jc79 · July 6, 2014, 8:24pm

Hello,

I have a login script that worked for a long time, but after the reset of our server, it doesn’t work correct.

You can login
you can browse for a while
And then with no reason your logout
It’s not a specific part of the website, it can happen everywhere.

I’m not very good in this cookie thing, so someone build it a few years ago.

on the website this is the script:
This part is to check if you are logged in, simple php.


if(!is_ingelogd())
{
	$persnr 	=	'0';
	if(isset($_GET['pagina']) && $_GET['pagina'] == "ww_vergeten")
	{
		include_once("paginas/wachtwoord_vergeten.php");
		$maintitel = "Forgot password";
	}
	ELSE
	{
	//If you are not logged in
		$maintitel = "U bent niet ingelogd";	
	$welkom = 'Welkom op de medewerkers site van J.C. Sound &amp; Light.<br/><br/>Om verder te gaan dient u in te loggen, dit kunt u hier aan de rechterkant doen.<br/><br/><br/><br/>
	<a href="?pagina=ww_vergeten"><i>klik hier als u uw wachtwoord vergeten bent.</i></a>';
	}
}
else{
//you are logged in
}

cookies functions



function randomcode($input=10)
{
    $letters = array ("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o",
                          "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0");

    $code = "";

    for ($i = 0; $i < $input; $i++){
        if($i % 2){
             $code .= strtoupper($letters[rand(0, count($letters)-1)]);
        }
        else{
             $code .= strtolower($letters[rand(0, count($letters)-1)]);
        }
    }

    return $code;
}

function set_inlog($list,$time=0){
include("./includes/config.php");
    $key = randomcode(15);
    $onlinetijd = time();

    $qry = $connection->prepare("UPDATE
							mw_gegevens
						SET
							mw_gegevens_ckey		=	?,
							mw_gegevens_logintime 	=	?
						WHERE
							mw_gegevens_id			=	?
						");
	if($qry === false)
	{
		echo "Query error:.". $connection->error();
	}	
			$qry->bind_param('sii', $key,$onlinetijd,$list['mw_gegevens_id']);
			$qry->execute();
			$qry->close();
    setcookie ("SMW_id", $list['mw_gegevens_id'], $time, "/");
    setcookie ("SMW_persnr", $list['mw_gegevens_persnr'], $time, "/");
    setcookie ("SMW_key", $key, $time, "/");
    setcookie ("SMW_time", $onlinetijd, $time, "/");
}


function is_ingelogd($rtrnlist=0){
include("./includes/config.php");
    if    (
        isset($_COOKIE["SMW_id"]) &&
        isset($_COOKIE["SMW_persnr"]) &&
        isset($_COOKIE["SMW_key"])
        ){

        $SMW_ID        =    $_COOKIE['SMW_id'];
        $SMW_PERSNR    =    $_COOKIE['SMW_persnr'];
        $SMW_KEY    =    $_COOKIE['SMW_key'];


        $qry = $connection->query("
							SELECT
								*
							FROM
								mw_gegevens
							WHERE
								mw_gegevens_id 		= '".$SMW_ID."'
							AND
								mw_gegevens_persnr	= '".$SMW_PERSNR."'
							AND
								mw_gegevens_ckey	= '".$SMW_KEY."'
							")
							;

        if($qry->num_rows == 1){
            if($rtrnlist){
                return $qry->fetch_assoc();
            }
            else{
                return true;
            }
        }
        else{
            $false = 1;
        }
    }
    else{
        $false = 1;
    }

    if($false){
        del_inlog();
        return false;
    }
}

Login script


if(isset($_POST['login']))
{

$password = $_POST['mw_pass'];
//check personal salt
$saltqry = $connection->query("
								SELECT
										salt,
										mw_gegevens_groep										
								FROM
										mw_gegevens
								WHERE 	
										mw_gegevens_persnr='".$_POST['mw_user']."'
								");

	($erroruitkomst = $saltqry->fetch_assoc());
	if($saltqry->num_rows == 0)
	{
		$salt='';
	}
	else
	{
		$salt = $erroruitkomst['salt'];
	}
	
	//include_once('inlog/passcrypt.php');
$Nieuw_ww = crypt($password, '*******' . $salt);
	$userpassword = $Nieuw_ww;

	$mw_gegevens_qry = $connection->query("
								SELECT
										*
								FROM
										mw_gegevens
								WHERE 	
										mw_gegevens_persnr='".$_POST['mw_user']."'
								AND 	
										mw_gegevens_pass='".$userpassword."'
								AND
										mw_gegevens_pass!=''
								");

	($mwgegevens = $mw_gegevens_qry->fetch_assoc());
	if($_POST['mw_user']=='')
	{
		$aErrors=71;
	}
	elseif($_POST['mw_pass']=='')
	{
		$aErrors=8;
	}
	elseif($_POST['mw_pass']!='' && $_POST['mw_user']!='' && $mw_gegevens_qry->num_rows == 0)
	{
		$aErrors= 91;
	}
	elseif($saltqry->num_rows != 0 && $erroruitkomst['mw_gegevens_groep']==7)
	{
		$aErrors= 11;
	}
	elseif($saltqry->num_rows == 1)
	{
		$aErrors=0;
	}
	else
	{
		$aErrors=9999;
	}
	if($aErrors!=0)
	{
$error=$aErrors;

//inlogerror log
  include($pathmw.'includes/error.php');
	 $qry = $connection->query("
		insert into
			mw_errorlog
		SET
			logintime		=	'".mysql_real_escape_string(time())."',
			ipadres			=	'".$_SERVER['REMOTE_ADDR']."',
			mwnr			=	?,
			melding			=	'". $aErrors."'
			");
		if($qry === false)
		{
		echo "Query error:.". $connection->error();
		}
		else
		{ 	$qry->bind_param('i', $_POST['mw_user']);
			$qry->execute();
			$qry->close();
	$welkom .= '<br/><font color=red>Fout bij inloggen: ' . $errormessage .' </font><br/><br/>';
		}
	}
	else
	{ 	
			set_inlog($mwgegevens);
			if(isset($_GET['pagina']))
			{
			header("location: ?pagina=".$_GET['pagina']);
			}
			else
			{
			header("location: index.php?pagina=home");
			}
			exit;
	}
}

jc79 · July 6, 2014, 10:01pm

CAn I do that myself or should I ask that to my hoster?

SpacePhoenix · July 7, 2014, 5:34am

Use:

<?php phpinfo(); ?>

Check the values that are displayed in the “Session” section, whoever maintains your server may have changed one or more settings.

btw, your code is wide open to potential SQL Injection attacks. Any data coming from the $_GET, $_POST, $_REQUEST, $GLOBALS, or $_COOKIE arrays needs to be treated as dangerous data as it’s user submitted. The golden rule is to never trust any user submitted data. You need to use prepared statements.

Also it looks like you might be mixing database extensions, which you can’t do, be aware that the mysql_* extension is depreciated anyway as of the current version of PHP and will likely be removed from version 5.6 of php.

How long ago was the site built? I’ve got a gut feeling that there might be some old stuff from the old (and long depreceated) version 4 of PHP, the server might have been upgraded to a newer version of PHP and possibly some stuff might have now broke

jc79 · July 7, 2014, 7:10am

The script is about 8 years old, from time to time this were added or changed. First is was with md5, no personal code, no error check etc etc.
But I have a hard time understanding how the cookie stuff works. I tried to build it again a few years ago, but couln’t get it to work proper, so I switched back to the origanl one.

I see I still forgot to replace 2 $_POSTvariables, I will remove them right away.

I’m working on replacing all Mysql to Mysqli, but all over the website there are hundreds of them, so that will take some time.