php + mysql + cookies (autorizacija korisnika) = problemi...

[ NenadS @ 17.05.2006. 17:02 ] @

Napravio sam sledecu vrlo prostu scriptu koja treba da radi sledece:

Na pocetnoj strani treba da prikaze ime korisnika koji je ulogovan i da prikaze link za logout, a ako nije ulogovan, onda da stoji link za login.

Klikom na link za login dobija da upise user i pass i onda ide provera iz baze podataka. Ako je sve u redu upisuje cookie i vraca na index kako bi tamo napisao da je korisnik ulogovan i iz baze procitao username. To radi tako sto proverava da li je cookie upisan i uporedjuje vrednosti sa onima iz baze. I to kao sve radi kako treba... osim dela kada kliknem da se izlogujem. Tada se samo obrise username, dok i dalje pise da sam ulogovan, a u stvari nisam jer je i cookie obrisan klikom na logout.

Da li neko moze da mi kaze gde gresim i zasto mi cookie_check stalno vraca true vrednost, a nikad false...

Hvala unapred.

p.s.
Ako mislite da ovo moze da se napise drugacije ali da radi isto ovako, to bi bilo jos bolje :)

Code:
<?php

include('includes/db.php');

$cookie_length = 3600;
$hostname = "127.0.0.1";

$userdata = get_userdata($_COOKIE['test_user_id']);
$logged_in = cookie_check();

$q = ( isset($HTTP_GET_VARS['q']) ) ? $HTTP_GET_VARS['q'] : $HTTP_POST_VARS['q'];

switch( $q )
{
    case 'index':
    default:
        index();
    break;

    case 'login':
        login();
    break;

    case 'login_check':
        login_check($username, $password);
    break;

    case 'cookie_check':
        cookie_check();
    break;

    case 'logout':
        logout();
    break;
}

function index() {

    global $userdata, $logged_in;

    if ( $logged_in == true ) {

        echo 'Vi (' . $userdata['username'] . ') ste ulogovani!<br /><a href="?q=logout">Izlaz</a><br />';
    }
    else
    {
        echo '<a href="?q=login">Logovanje</a>';
    }
}

function login() {

    echo '<form name="login_form" method="post" action="?q=login_check">
  Username:
  <input name="username" type="text" id="username">
  <br>
  Password:
  <input name="password" type="password" id="password">
  <br>
  <input type="submit" name="Submit" value="Submit">
</form>';
}

function login_check($username, $password) {

    global $cookie_length, $hostname;

    $username = stripslashes($username);
    $password = stripslashes($password);

    $sql = mysql_query("SELECT * FROM user WHERE username = '$username' AND password = '$password'");

    $login_check = mysql_num_rows($sql);

    if( $login_check > 0 ){

        $row = mysql_fetch_array($sql);

        setcookie('test_user_id', $row['user_id'], time() + $cookie_length, '/', $hostname, 0);
        setcookie('test_user_passwd', $row['password'], time() + $cookie_length, '/', $hostname, 0);

        header("Location: ?q=index");
    }
    else
    {
        echo "Uneti podaci nisu tacni!";
    }
}

function get_userdata($user_id)
{
    $user_id = intval($user_id);

    $sql = "SELECT * FROM user
            WHERE user_id = $user_id";
    if ( !($result = mysql_query($sql)) )
    {
        die("Trazeni korisnik ne postoji!");
    }

    return ( $row = mysql_fetch_array($result) ) ? $row : false;
}

function cookie_check() {

    $cookie_user_id = $_COOKIE['test_user_id'];
    $cookie_passwd = $_COOKIE['test_user_passwd'];

    $userdata = get_userdata($cookie_user_id);

    if ( ( $userdata['user_id'] == $cookie_user_id ) && ( $userdata['password'] == $cookie_passwd ) ) {
        $logged_in_check = 1;
    }
    else
    {
        $logged_in_check = 0;
    }
    return ( $logged_in_check == 1 ) ? true : false;
}

function logout() {

    global $cookie_length, $hostname;

    setcookie('test_user_id', '', time() - $cookie_length, '/', $hostname, 0);
    setcookie('test_user_passwd', '', time() - $cookie_length, '/', $hostname, 0);

    header("Location: ?q=index");
}

?>

_{[Ovu poruku je menjao NenadS dana 17.05.2006. u 18:03 GMT+1]}

[ w3bl0rd @ 17.05.2006. 19:36 ] @

a što se događa ako refreshaš stranicu nakon logouta?

[ Davor Grubelić @ 17.05.2006. 22:23 ] @

evo ja sam to na malo drugačiji način riješio:

prvi kod je skripta za provjeru stanja korisnika.....

Code:

<?php

class userLog {

    public  $username;
    private $db;
    public  $login;
    private  $login_required = true;

    public function SessionStart() {
        if (!isset($_SESSION['login'])) {
        session_start();
        }
    }

    public function SessionStop(){
        if (isset($_SESSION['login'])) {
            unset($_SESSION['login']);
        }
        session_destroy();
    }

    public function __construct() {

        $this->SessionStart();
        global $db;
        $this->db =& $db;
    }

    public function check_status() {
        if ($this->login_required == true) {
            $login = $this->session_check_status();
        }
        else {
            $login = false;
        }
        if ($login == true) {
            echo "Uspješno ste ulogirani."."<br>";
            echo "<br>";
            echo "[ <a href=".$_SERVER['PHP_SELF']."?logout>Odjavi me...</a> ]<br><br>";
        }
        else {
            echo "Logiranje nije uspjelo"."<br>"."<br><br>";
        }


    }

    private function session_check_status() {
        if (isset($_SESSION['login'])         and
            !isset($_POST['username'])         and
            !isset($_POST['password'])         and
            !isset($_GET['logout'])) {
                return true;
        }
        elseif (isset($_SESSION['login'])    and
                isset($_POST['username'])    and
                isset($_POST['password'])) {
                    return $this->try_to_login($_POST['username'], $_POST['password']);
                }
        elseif (isset($_POST['username'])     and
                isset($_POST['password'])) {
                    return $this->try_to_login($_POST['username'], $_POST['password']);

        }
        elseif (isset($_GET['logout'])) {
            $this->user_deactivate();
            $this->SessionStop();
            return false;

        }
        else {
            return false;
        }
    }

    private  function try_to_login($username1, $password) {
        $passScr = md5(crc32($password));
        $kod = "SELECT DG_nick, DG_ime, DG_prez
                FROM dg_users
                WHERE dg_username = \"$username1\"
                AND dg_password = \"$passScr\"";
        $rs = $this->db->GetAll($kod);
        $rs_count = count($rs);

        if ($rs_count == 1) {
            if ($rs[0]['DG_nick'] == "Administrator") {
                $_SESSION['admin'] = $rs[0]['DG_nick'];
                $_SESSION['login'] = $rs[0]['DG_nick'];
                $_SESSION['ime'] = $rs[0]['DG_ime'];
                $_SESSION['prez'] = $rs[0]['DG_prez'];
                $this->username = $rs[0]['DG_nick'];
            } else {
                $_SESSION['login'] = $rs[0]['DG_nick'];
                $_SESSION['ime'] = $rs[0]['DG_ime'];
                $_SESSION['prez'] = $rs[0]['DG_prez'];
                $this->username = $rs[0]['DG_nick'];
            }
            $this->login = true;
            return true;
        }
        else {
            $this->login = false;
            return false;
        }
    }

    /*private function user_activate() {
        if (isset($_SESSION['login'])) {
            $login_time = date("Y-m-d H:i:s");
            $kod_activeate = 'INSERT INTO users_online (user, log_time) VALUES ("'.$_SESSION['login'].'", "'.$login_time.'")';
            $this->db->Execute($kod_activeate);
        }
    }*/

    private function user_deactivate() {
        if (isset($_SESSION['login'])) {
            $kod_deactivate = 'DELETE FROM users_online WHERE user = "'.$_SESSION['login'].'"';
            $this->db->Execute($kod_deactivate) or die(mysql_error());
        }
    }

}

?>

a ovim sam u index.php provjerio šta treba log skripta radit...

Code:

if (isset($_SESSION['login']) or $loginUser->login == true) {
        echo "Korisnik:<p id=\"redtext\"><b><br>".$_SESSION['login']."</b></p>";
        echo $_SESSION['ime']." ".$_SESSION['prez']."<br><br>";
        ?>


        <form action="<?php echo $_SERVER['PHP_SELF']?>" method="POST">
        <table>
                <tr><td><input type="hidden" name="post_ime" value="<?php echo $_SESSION['login']?>"></td>
                </tr>
                <tr>
                    <td><p id="other_text">Upišite vašu poruku:</p></td>
                </tr>
          </table>
                <table width="15%" height="30%">
                <tr><td><textarea name="post_poruka" cols="20" rows="10" id="textarea"></textarea></td></tr>
                <tr><td align="right"><input type="submit" name="send" value="Pošalji" id="button"></td></tr>
            </table>
        </form>




            <?php
        }

/**
*
*
*/

if (!isset($_SESSION['login']) and $loginUser->login == false and !isset($_GET['to_register']))  {

    ?>
        <form action="<?php echo $_SERVER['PHP_SELF']?>" method="POST">
            <table>
                    <tr><td id="other_text">Username:</td></tr><td><input type="text" name="username" size="15" id="textboxovi"></td></tr>
                    <tr><td id="other_text">Password:</td><tr><td><input type="password" name="password" size="15" id="textboxovi"></td></tr>
                    <tr><td><input type="submit" name="posalji" value="Prijavi me" id="button"></td></tr>
            </table>
        </form>
        <a href="<?php $_SERVER['PHP_SELF']?>?to_register">Registrirajte se!</a>
<?php
}

pa si lijepo pogledaj i prilagodi kako ti odgovara. način je nešto drugačiji, ali ovo radi.

[ Davor Grubelić @ 17.05.2006. 22:36 ] @

kako ovaj moj kod radi možeš provjerit na http://davor.webit.hr/

[ NenadS @ 20.05.2006. 10:46 ] @

Na refresh nista se ne desava, sve ostaje isto... a ovaj primer sto si mi ti dao, on koristi sesije, a one traju dok je browser otvoren, a meni treba cookie koji ce da traje onoliko koliko ja podesim... ali hvala u svakom slucaju na dobroj volji.

Poz

[ Davor Grubelić @ 20.05.2006. 17:28 ] @

pa ti samo zamjeni sve session-e sa cookie-ima. mislim da bi trebalo funkcionirat.

[ NenadS @ 21.05.2006. 20:25 ] @

Evo, posle jos malo razmisljasnja i kucanja, napravio sam scriptu koja radi ono sto treba da radi :)

E sad, ako bi neko mogao da je pogleda, da kaze sta bi izmenio, sta dodao, sta je suvisno i sto me najvise zanima, a to je sigurnost varijabli i SQL upita, jer ne bih voleo da neko za username ukuca

Code:
'); DROP users; ('

i da tako obrise celu users tabelu ili uradi nesto drugo...

Znaci, koji je najbolji nacin da se varijable koje korisnik unosi osiguraju... addslashes, trim i ili nesto deseto u kombinaciji?

A evo i code-a koji sada radi :)

Code:
<?php

include('db.php');

$is_logged = login_check();
$user_data = get_userdata();

switch ($_REQUEST['q']) {

    default:
    case 'index':
            index();
    break;
    case 'login_form':
            login_form();
    break;
    case 'login':
            login();
    break;
    case 'logout':
            logout();
    break;
}

function index() {

    global $is_logged;

    if($is_logged !== false) {
        echo 'Zdravo ' . $_COOKIE['test_username'] . '!<br />
        <a href="' . $_SERVER['PHP_SELF'] . '?q=logout">Logout</a>';
    }
    else
    {
        login_form();
    }
}

function login_form() {

    echo '<form name="login_form" action="' . $_SERVER['PHP_SELF'] . '?q=login" method="post">
    Username: <input type="text" name="username"><br />
    Password: <input type="password" name="password"><br />
    <input type="submit" value="Login">
    </form>';
}

function login() {

    global $is_logged;

    $form_username = str_replace("\'", "''", trim($_POST['username']));
    $form_password = addslashes($_POST['password']);

    if ( !($form_username) || !($form_password) ) {
        echo 'Niste uneli username i/ili password!';
        login_form();
    }
    else
    {
        $sql = mysql_query("SELECT * FROM users
                            WHERE user_name = '$form_username'
                            AND user_password = '$form_password'");
        $login_check = mysql_num_rows($sql);

        if ($login_check > 0) {
            setcookie ('test_username', $form_username, time() + 3600);
            setcookie ('test_password', $form_password, time() + 3600);
            $is_logged = true;

            echo 'Zdravo ' . $form_username . '!<br />
            Povratak na <a href="' . $_SERVER['PHP_SELF'] . '?q=index">index</a><br />
            <a href="' . $_SERVER['PHP_SELF'] . '?q=logout">Logout</a>';
        }
        else
        {
            echo 'Uneseni podaci nisu tacni!<br />Molimo vas da pokusate ponovo.';
            login_form();
        }
    }
}

function logout() {

    global $is_logged, $user_data;

    if( isset($_COOKIE['test_username']) && isset($_COOKIE['test_password']) ) {
        setcookie ('test_username', '', time() - 3600);
        setcookie ('test_password', '', time() - 3600);
        $is_logged = false;
        unset($user_data);

        echo $_COOKIE['test_username'] . ', uspesno ste izlogovani!<br />
        Ako zelite ponovo da se ulogujete, kliknite <a href="' . $_SERVER['PHP_SELF'] . '?q=login_form">ovde</a>';
    }
    else
    {
        index();
    }
}

function login_check() {

    $cookie_username = str_replace("\'", "''", trim($_COOKIE['test_username']));
    $cookie_password = addslashes($_COOKIE['test_password']);

    $sql = mysql_query("SELECT * FROM users
                        WHERE user_name = '$cookie_username'
                        AND user_password = '$cookie_password'");
    $login_check = mysql_num_rows($sql);

    if ($login_check > 0) {
        return true;
    }
    else
    {
        return false;
    }
}

function get_userdata() {

        $username = ( isset($_COOKIE['test_username']) ? $_COOKIE['test_username'] : $_POST['username'] );

        $sql = "SELECT * FROM users
                WHERE user_name = '$username'";
        if ( !($result = mysql_query($sql)) )
        {
            die("Trazeni korisnik ne postoji!");
        }
        return ( $row = mysql_fetch_array($result) ) ? $row : false;
}

echo '<br />';
echo ( ($is_logged !== false) ? 'Vi ste clan sa statusom ' . ( ( $user_data['user_status'] == 1 ) ? 'Administratora' : 'Korisnik' ) . '!': 'Vi ste gost!' );

?>

Hvala :)

_{[Ovu poruku je menjao NenadS dana 21.05.2006. u 22:11 GMT+1]}

[ Davor Grubelić @ 21.05.2006. 22:13 ] @

evo sad sam malo provukao skriptu kroz "ruke".
funkcionira.
a što se tiče sigurnosti.....

trebao bi kriptirati lozinku jer je dosta izložena "pogledima". --> preko cookie-ja

Citat:

....jer ne bih voleo da neko za username ukuca

Code:

'); DROP users; ('

probao --> ne fercera.

trebao bi i dodati funkciju za registraciju.
morao sam ručno u phpMyAdmin-u dodavati username i password.

_{[Ovu poruku je menjao dgrubel dana 21.05.2006. u 23:14 GMT+1]}

[ NenadS @ 21.05.2006. 23:15 ] @

Da bih proverio sigurnost iskljucio sam magic_quotes_gpc u php.ini i sta se desava...

Ako za username ukucam recimo Nenad'# test i tacnu sifru, to prolazi kao tacno i cookie upise taj user, a na sajtu dobijam Zdravo Nenad'# test bez obzira sto imam proveru

Code:
str_replace("\'", "''", trim($_POST['username']));

kao i proveru za cookie

Code:
str_replace("\'", "''", trim($_COOKIE['test_username']));

E sad, probao sam sa addslashes() ali desava se istva stvar...

Jedino kako lepo radi i ne dozvoljava te gluposti jeste ako varijable 'provucem' kroz funkciju mysql_escape_string() e u tom slucaju niti mogu da se ulogujem, a kada se ulogujem sa tacnim podacima i promeni vrednost u cookie, on me izloguje sam, dok u ova dva slucaja, mogu da promenim vrednost cookie-a i pisace mi neki drugi username...

Po defaultu magic_quotes_gpc je ukljucen ali opet, zanima me kako addslashes ne odradjuje posao kako treba?

p.s.
I ja sam rucno napravio bazu i ubacio par usera... posto mi taj deo nije bio toliko bitan za testiranje :)

Ovo je sad kao nesto malo sigurnija verzija scripte...

Code:
<?php

include('db.php');

$is_logged = login_check();
$user_data = get_userdata();

switch ($_REQUEST['q']) {

    default:
    case 'index':
            index();
    break;
    case 'login_form':
            login_form();
    break;
    case 'login':
            login();
    break;
    case 'logout':
            logout();
    break;
}

function index() {

    global $is_logged;

    if($is_logged !== false) {
        echo 'Zdravo ' . $_COOKIE['test_username'] . '!<br />
        <a href="' . $_SERVER['PHP_SELF'] . '?q=logout">Logout</a>';
    }
    else
    {
        login_form();
    }
}

function login_form() {

    echo '<form name="login_form" action="' . $_SERVER['PHP_SELF'] . '?q=login" method="post">
    Username: <input type="text" name="username"><br />
    Password: <input type="password" name="password"><br />
    <input type="submit" value="Login">
    </form>';
}

function login() {

    global $is_logged;

//    $form_username = str_replace("\'", "''", trim($_POST['username']));
//    $form_password = addslashes($_POST['password']);
    $form_username = mysql_escape_string($_POST['username']);
    $form_password = mysql_escape_string($_POST['password']);

    if ( !($form_username) || !($form_password) ) {
        echo 'Niste uneli username i/ili password!';
        login_form();
    }
    else
    {
        $sql = mysql_query("SELECT * FROM users
                            WHERE user_name = '$form_username'
                            AND user_password = '$form_password'");
        $login_check = mysql_num_rows($sql);

        if ($login_check > 0) {
            $form_username = stripslashes($form_username);
            $form_password = stripslashes($form_password);
            setcookie('test_username', $form_username, time() + 3600);
            setcookie('test_password', $form_password, time() + 3600);
            $is_logged = true;

            echo 'Zdravo ' . $form_username . '!<br />
            Povratak na <a href="' . $_SERVER['PHP_SELF'] . '?q=index">index</a><br />
            <a href="' . $_SERVER['PHP_SELF'] . '?q=logout">Logout</a>';
        }
        else
        {
            echo 'Uneseni podaci nisu tacni!<br />Molimo vas da pokusate ponovo.';
            login_form();
        }
    }
}

function logout() {

    global $is_logged, $user_data;

    if( isset($_COOKIE['test_username']) && isset($_COOKIE['test_password']) ) {
        setcookie('test_username', '', time() - 3600);
        setcookie('test_password', '', time() - 3600);
        $is_logged = false;
        unset($user_data);

        echo $_COOKIE['test_username'] . ', uspesno ste izlogovani!<br />
        Ako zelite ponovo da se ulogujete, kliknite <a href="' . $_SERVER['PHP_SELF'] . '?q=login_form">ovde</a>';
    }
    else
    {
        index();
    }
}

function login_check() {

//    $cookie_username = str_replace("\'", "''", trim($_COOKIE['test_username']));
//    $cookie_password = addslashes($_COOKIE['test_password']);
    $cookie_username = mysql_escape_string($_COOKIE['test_username']);
    $cookie_password = mysql_escape_string($_COOKIE['test_password']);

    $sql = mysql_query("SELECT * FROM users
                        WHERE user_name = '$cookie_username'
                        AND user_password = '$cookie_password'");
    $login_check = mysql_num_rows($sql);

    if ($login_check > 0) {
        return true;
    }
    else
    {
        return false;
    }
}

function get_userdata() {

        $username = ( isset($_COOKIE['test_username']) ? mysql_escape_string($_COOKIE['test_username']) : mysql_escape_string($_POST['username']) );

        $sql = "SELECT * FROM users
                WHERE user_name = '$username'";
        if ( !($result = mysql_query($sql)) )
        {
            die("Trazeni korisnik ne postoji!");
        }
        return ( $row = mysql_fetch_array($result) ) ? $row : false;
}

echo '<br />';
echo ( ($is_logged !== false) ? 'Vi ste clan sa statusom ' . ( ( $user_data['user_status'] == 1 ) ? 'Administratora' : 'Korisnik' ) . '!': 'Vi ste gost!' );

?>

_{[Ovu poruku je menjao NenadS dana 22.05.2006. u 00:49 GMT+1]}

[ Davor Grubelić @ 21.05.2006. 23:58 ] @

evo sad baš malo gledam po php manual-u i pronašao slijedeće:

Citat:

The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes() on all GET, POST, and COOKIE data. Do not use addslashes() on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping.

što bi značilo da nemoraš pravit addslashes() na GET, POST i COOKIE varijablama....jer onda radi dupli posao i umjesto "Tom\'s comp." ti dobiješ
"Toms\\' comp.".
ako već hoćeš radit addslashes() onda prvo GPC varijable spremi u neke proizvoljne varijable pa onda pravi addslashes().

evo i mojih preinaka tvog koda. malo mi je bilo dosadno pa sam se bacio u dodavanje nekih sitnica. gruba registracija....

switch.......(dodatak)

Code:

case 'register':
            register();
    break;
case 'register_form':
                register_form();
    break;

i dvije nove funkcije....

Code:

function register_form() {
    echo '<form name="login_form" action="' . $_SERVER['PHP_SELF'] . '?q=register" method="post">
    Username: <input type="text" name="reg_username"><br />
    Password: <input type="password" name="reg_password"><br />
    <input type="submit" value="Register">
    </form>';
}

function register() {
    $reg_name = $_POST['reg_username'];
    $reg_passwd = $_POST['reg_password'];

    $sql_query = 'INSERT INTO 'table name' (username, password) VALUES ("' . $reg_name . '", "'. $reg_passwd . '")';
    mysql_query($sql_query);
    echo '<a href="' . $_SERVER['PHP_SELF'] . '?q=login_form" method="post">Login</a>';
}

_{[Ovu poruku je menjao dgrubel dana 22.05.2006. u 03:29 GMT+1]}

[ NenadS @ 26.05.2006. 15:49 ] @

Hvala ti, radi ovo kako treba :)

Sve najbolje