aram Posted June 16, 2011

Hi, my admin pages have been accessed by someone and I think he/she could break my session, because when a registered one accesses my admin pages and edits or adds an article or anything, his/her name will be written with the article, but this one has no name. Is that possible? Please, someone help, I'm in a big problem.

jeffman Posted June 16, 2011

If you are doing nothing to protect against SQL Injection, this might not be a session problem. Are you running data through mysql_escape_string before adding it to the database?

To find out if it's a session problem, you'll need to show us the login code AND the code that accepts data from registered users.

aram Posted June 16, 2011 Author

I'm using these:

    $name=htmlspecialchars($name);
    $pass=htmlspecialchars($pass);
    $name=stripcslashes($name);
    $pass=stripcslashes($pass);
    $name=mysql_real_escape_string($name);
    $pass=mysql_real_escape_string($pass);

jeffman Posted June 16, 2011

I think we'll need to see the rest of the code. Maybe you can post only the sections that are relevant to the problem.

aram Posted June 16, 2011 Author

my login page:

    <form name="form1" method="post" action="check.php">
    <td>
    <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#eeeeee">
    <tr><td colspan="3"><strong>Login:</strong></td></tr>
    <tr><td>Name:</td><td><input name="name" type="text" id="name"></td></tr>
    <tr><td>password:</td><td><input name="pass" type="password" id="pass"></td></tr>
    <tr><td>language:</td><td><select name="language">
    <option value="kurdish">kurdish</option>
    <option value="arabic">arabic</option>
    <option value="english">english</option>
    </select></td></tr>
    <tr><td><input type="submit" name="submit" value="Log in"></td></tr>
    </table>
    </td>
    </form>

Check page:

    <?php
    ob_start();
    $host="host";
    $username="username";
    $password="password";
    $db_name="databse";
    $tbl_name="login";
    $tbl_name1="users";
    mysql_connect("$host", "$username", "$password");
    mysql_select_db("$db_name");
    $name=$_POST['name'];
    $pass=$_POST['pass'];
    $language=$_POST['language'];
    $dateTime = new DateTime("now", new DateTimeZone('Asia/Aden'));
    $dateTime= $dateTime->format("Y-m-d H:i:s");
    $sqlu="INSERT INTO $tbl_name1 (ip, datet, page)VALUES('".$_SERVER['REMOTE_ADDR']."','$dateTime','login page')";
    mysql_query($sqlu);
    $name=htmlspecialchars($name);
    $pass=htmlspecialchars($pass);
    $name=stripcslashes($name);
    $pass=stripcslashes($pass);
    $name=mysql_real_escape_string($name);
    $pass=mysql_real_escape_string($pass);
    if($language==kurdish){
        $sql="SELECT * FROM $tbl_name WHERE name='$name' AND pass='$pass' AND language='$language'";
        $result=mysql_query($sql);
        $count=mysql_num_rows($result);
        IF($count==1){
            session_start();
            $_SESSION['kurdish'] =$name;
            header("location:kurdishadmin.php");
        }
        else{
            header("location:login.php");
        }
    }
    if($language==arabic){
        $sql="SELECT * FROM $tbl_name WHERE name='$name' AND pass='$pass' AND language='$language'";
        $result=mysql_query($sql);
        $count=mysql_num_rows($result);
        IF($count==1){
            session_start();
            $_SESSION['arabic'] =$name;
            header("location:arabicadmin.php");
        }
        else{
            header("location:login.php");
        }
    }
    if($language==english){
        $sql="SELECT * FROM $tbl_name WHERE name='$name' AND pass='$pass' AND language='$language'";
        $result=mysql_query($sql);
        $count=mysql_num_rows($result);
        IF($count==1){
            session_start();
            $_SESSION['english'] =$name;
            header("location:english.php");
        }
        else{
            header("location:login.php");
        }
    }
    ob_end_flush();
    ?>

Kurdishadmin top:

    <?PHP
    session_start();
    if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
    header ("Location:login.php");
    }
    $user=$_SESSION['kurdish'];
    ?>

aram Posted June 16, 2011 Author

> I think we'll need to see the rest of the code. Maybe you can post only the sections that are relevant to the problem.

That's my code: please, some help. Is there anything wrong with my code, my friend?

jeffman Posted June 16, 2011

Show us the registration code. I wonder if it is possible for someone to register with a username that is 0 characters long.

aram Posted June 16, 2011 Author

> Show us the registration code. I wonder if it is possible for someone to register with a username that is 0 characters long.

I'm adding the names myself directly in the database because it's for a company; there is no registration page.

justsomeguy Posted June 16, 2011

Is the problem that no name appears on the article? If so, then show the relevant code for that.

aram Posted June 16, 2011 Author

No, the problem is that only three persons have access to the admin page, it's not a community, but he/she accesses the admin page and deletes and edits and adds things.

justsomeguy Posted June 16, 2011

And you are absolutely sure that this person is not using a username and password to log in? Why are you sure of that?

aram Posted June 16, 2011 Author

That's what I think, because these three persons have names in the database. When they add and edit anything their names will be written beside it, but when this person adds or edits things the name field will be nothing.

thescientist Posted June 16, 2011

Is the name dynamically added by the code, or is it up to the user to fill in their name whenever they make a change? Again, showing the relevant pieces of the code (i.e. the admin section for articles) is going to help us out more than a long-winded Q/A session.

aram Posted June 16, 2011 Author

No, my code dynamically adds the names beside the articles, depending on his/her name when he/she logs in.

thescientist Posted June 16, 2011

> No, my code dynamically adds the names beside the articles.

Can you just show us how? Maybe there's something on the page that isn't checking for $_SESSION status or something, and somehow people are using a bookmark for this. Code is king (in case you haven't got the hint).

aram Posted June 16, 2011 Author

    session_start();
    if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
    header ("Location:login.php");
    }
    $user=$_SESSION['kurdish'];
    ?>

In the 5th line I'm getting the username that he/she logged in with.

jeffman Posted June 16, 2011

Post the rest of that script. I'd like to see every reference to $user.

aram Posted June 16, 2011 Author

The rest of the code is for adding and editing or deleting the articles; it's too much.

aram Posted June 16, 2011 Author

I'm afraid the problem would be in the SESSION. You mean there's no problem with it?

jeffman Posted June 16, 2011

The code in Post #16 looks like it will do the job.

justsomeguy Posted June 16, 2011

Other than using an undefined variable in one of your queries, I don't see any obvious problems. But you can replace this line:

    if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {

with this:

    if (empty($_SESSION['kurdish'])) {

They do the same thing.

aram Posted June 16, 2011 Author

Can you tell me how to fix it?

aram Posted June 16, 2011 Author

> Other than using an undefined variable in one of your queries, I don't see any obvious problems. But you can replace this line:
>
>     if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
>
> with this:
>
>     if (empty($_SESSION['kurdish'])) {
>
> They do the same thing.

Where is this undefined variable? Can you tell me? Is it stronger, or is it the same? Because if it's the same, why do I have to change it?

ShadowMage Posted June 16, 2011

Any code following a header() call will still be executed. So if this was accessed through a bookmark or something and the user hasn't logged in before, the script could still make changes to the database.

Try adding an exit statement right after your header:

    if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
        header ("Location:login.php");
        exit; //This should halt the script and redirect the browser to the login page
    }

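
Added example, not part of ShadowMage's post or of the code posted in the thread: a model of the admin page that runs from the PHP command line and shows what the missing exit changes. The page is modelled as a function (an early return plays the role of exit); `$db`, the `title` field, the sample request and the helper name `require_login()` are assumptions made for illustration.

```php
<?php
// Added illustration, not code from the thread. The admin page is modelled as
// a function so both variants run in one CLI script: an early return plays the
// role of exit, $headers stands in for header(), $db for the articles table.
function admin_page(array $session, array $post, bool $exitAfterRedirect, array &$db): array
{
    $headers = [];
    if (empty($session['kurdish'])) {
        $headers[] = 'Location: login.php';
        if ($exitAfterRedirect) {
            return $headers; // hardened page: exit, nothing below runs
        }
        // page as posted: the redirect is queued and execution continues
    }
    $user = $session['kurdish'] ?? ''; // empty when nobody is logged in
    if (isset($post['title'])) {
        // constructed stand-in for the article INSERT further down the page
        $db[] = ['title' => $post['title'], 'author' => $user];
    }
    return $headers;
}

// The guard as it would appear at the top of a real page (hypothetical helper name).
function require_login(string $key): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION[$key])) {
        header('Location: login.php');
        exit; // stop here so no admin code runs for this request
    }
    return $_SESSION[$key];
}

// Constructed request: no session data, posts straight to the admin page.
$post = ['title' => 'constructed article'];

$db = [];
$headers = admin_page([], $post, false, $db);
printf("no exit:   %s, rows written: %d, author: '%s'\n", $headers[0], count($db), $db[0]['author']);

$db = [];
$headers = admin_page([], $post, true, $db);
printf("with exit: %s, rows written: %d\n", $headers[0], count($db));
```

Both calls send the same redirect, but only the variant without the early return writes a row, and that row has an empty author because `$user` is read from a session key that was never set. A redirect is only a response header, so the server must stop the script itself rather than rely on the client following it.
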
aram Posted June 16, 2011 Author

> Any code following a header() call will still be executed. So if this was accessed through a bookmark or something and the user hasn't logged in before, the script could still make changes to the database.
>
> Try adding an exit statement right after your header:
>
>     if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
>         header ("Location:login.php");
>         exit; //This should halt the script and redirect the browser to the login page
>     }

Isn't it the same?

    session_start();
    if (!(isset($_SESSION['kurdish']) && $_SESSION['kurdish'] != '')) {
    header ("Location:login.php");
    }
    $user=$_SESSION['kurdish'];
    ?>

This topic is now archived and is closed to further replies.