是的,我已经修改了一段时间,除了用户帐户页面之外,其他所有功能都可以正常工作,我的问题是;有人可以发现我在这里所做的错别字,或者可以给我一些帮助使其工作吗?
该网站似乎绕过了这部分,直接进入其他部分(如下所示):
<?
if(isset($_COOKIE['ID_my_site'])){
$email = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$con = mysqli_connect(DATABASE STUFF) or die(mysqli_error());
$check = mysqli_query($con,"SELECT email, pass2 FROM userAccount WHERE email=$email")or die(mysqli_error());
while($info = mysqli_fetch_array($check)){
if ($pass != $info['pass2']){
echo "Wrong Password or Email!, Please <a href='login.php'>Login here</a> to see your account or <a href='register.php'>Register here</a>.";
}else{
$con=mysqli_connect(DATABASE STUFF);
$sqlCommand = "(SELECT * FROM userAccount WHERE email=$email)";
$query = mysqli_query($con,$sqlCommand) or die("Error: ".mysqli_error($con));
$column = mysqli_fetch_array($query);
echo "<section class='userName'><h3>".$column['firstName']." ".$column['surname']."</h3></section>";
echo "<section class='address'>".$column['addressLine1']."<br />".$column['addressLine2']."<br />".$column['county']."<br />".$column['country']."<br />".$column['postCode']."</section>";
echo "<section class='email'><h3>".$column['email']."</h3></section>";
echo "<section class='passwordUpdate'><a href='update.php?user_id=".$column['user_id']."'>Change Password</a></section>";
}
}
无论如何,它都会直接出现的“其他”:
}else{
echo "You cannot see this page, Please <a href='login.php'>Login here</a> to see your account or <a href='register.php'>Register here</a>.";
}
以下是登录过程,以防万一有人问:
<?
$con = mysqli_connect(DATABASE STUFF) or die(mysqli_error($con));
if(isset($_COOKIE['ID_my_site'])){
$email = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysqli_query($con,"SELECT email, pass2 FROM userAccount WHERE email='".$_POST['email']."'")or die(mysqli_error($con));
while($info = mysqli_fetch_array($check)){
if ($pass != $info['pass2']){
}else{
header("Location: http://www.littlepenguindesigns.co.uk/pages/CMX/pages/userAccount.php");
}
}
}
if (isset($_POST['submit'])) {
if(!$_POST['email'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
if(IsInjected($email)){
die('Bad email value!');
}
$check = mysqli_query($con,"SELECT * FROM userAccount WHERE email='".$_POST['email']."'")or die(mysqli_error($con));
$check2 = mysqli_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href="http://www.littlepenguindesigns.co.uk/pages/CMX/pages/registration.php">Register</a>');
}
while($info = mysqli_fetch_array($check)){
$_POST['pass'] = stripslashes($_POST['pass']);
$info['pass2'] = stripslashes($info['pass2']);
$_POST['pass'] = md5($_POST['pass']);
if($_POST['pass'] != $info['pass2']) {
die('Incorrect password, please <a href="http://www.littlepenguindesigns.co.uk/pages/CMX/pages/login.php">try again</a>.');
}else{
$_POST['email'] = stripslashes($_POST['email']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['email'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
header("Location: http://www.littlepenguindesigns.co.uk/pages/CMX/pages/userAccount.php");
}
}
}else{
header("Location: http://www.littlepenguindesigns.co.uk/pages/CMX/pages/login.php");
}
function IsInjected($str){
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)');
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)){
return true;
}else{
return false;
}
}
以及PHP文件中的登录表单:
<form action="extras/loginProcess.php" method="post" name="login_form">
Email: <input type="text" name="email" /><br />
Password: <input type="password" name="pass" id="pass" /><br />
<input type="submit" name="submit" value="Sign in" />
</form>
最后是MyPHPAdmin中的TABLE:
CREATE TABLE `userAccount` (
`user_id` int(11) NOT NULL AUTO_INCREMENT,
`firstName` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`surname` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`addressLine1` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
`addressLine2` varchar(30) COLLATE utf8_unicode_ci NOT NULL,
`county` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`country` varchar(20) COLLATE utf8_unicode_ci DEFAULT NULL,
`postCode` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`email2` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`pass` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
`pass2` varchar(10) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=5 ;
该数据库是正确的,我尽了最大的努力使此工作得以完成,并一直返回到我知道它在大多数情况下都是安全的默认代码。
我已经尝试过将pass2更改为pass(甚至将数据库中的pass更改为password并在需要的地方进行配置,但同样会发生)。
如果有人可以帮助我,那就太好了,谢谢。
最佳答案
好的,学习编写自己的东西总是很不错的..但是为什么不使用内置登录系统的现有平台(如wordpress,drupal等)呢?
您的代码极易受到攻击。我可以在Cookie中写入任何SQL,然后您将该变量添加到SQL查询中($ email变量)。
关于php - PHP MySql用户帐户绕过cookie,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/20414734/