I am trying to set up a PHP members area on my web server, which has hashed and salted passwords. I registered an account and checked the database – the user is created as expected – everything seemed fine. The problem is whenever I try to log in it says the login is incorrect (username or password). Of course this is being done in a test area, and the user name and password I registered with should work – but doesn’t.
auth.php: should authenticate the user and create a session if the details are valid
//login never works
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if (strlen($username)<3 || strlen($password)<3) {
header('Location: log_in.php5?error=1');
die();
}
$username = mysql_real_escape_string($username);
function validateUser() {
session_regenerate_id ();
$_SESSION['valid'] = 1;
$_SESSION['userid'] = $username;
}
include "../db_login.php5";
mysql_select_db("DB_NAME", $con);
$query = "SELECT password, salt
FROM users
WHERE username = '" . $username . "';";
$result = mysql_query($query);
$userData = mysql_fetch_assoc($result);
$count = mysql_num_rows($userData);
if ($count < 1) {
header('Location: log_in.php5?error=1');
die();
}
$salt = "";
$hashed_pass = "";
for ($x=0; $x<1; $x++) {
$salt = $userData['salt'];
$hashed_pass = $userData['password'];
}
$hash = hash('sha256', $salt . hash('sha256', $password));
mysql_close($con);
if ($hash != $hashed_pass) {
header('Location: log_in.php5?error=1');
die();
} else {
validateUser();
}
header('Location: members.php5');
?>
register.php: should take the username, hash the password with a salt, store all 3 to DB //works
<?php
//retrieve our data from POST
$username = $_POST['username'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
if($pass1 != $pass2)
header('Location: sign_up.php5');
if(strlen($username) > 30)
header('Location: sign_up.php5');
$hash = hash('sha256', $pass1);
function createSalt(){
$string = md5(uniqid(rand(), true));
return substr($string, 0, 3);
}
$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
include "../db_register.php5";
mysql_select_db("DB_NAME", $con);
//sanitize username
$username = mysql_real_escape_string($username);
$query = "INSERT INTO users (username, password, salt)
VALUES ( '$username' , '$hash' , '$salt' );";
mysql_query($query);
mysql_close($con);
header('Location: log_in.php5');
?>
The login.php file is a simple form which posts the data to auth.php;
the sign_up.php file is also a simple form which posts the user data to register.php.
What is wrong with my code that it wont allow me to log in?
EDIT:
So I’ve narrowed the problem down so the $username variable which seems to be blank from the start?
output:
Count:
User:
Query: SELECT * FROM `users` WHERE `username`='';
code for output:
$query = "SELECT *
FROM `users`
WHERE `username`='".$username."';";
$result = mysql_query($query);
$userData = mysql_fetch_assoc($result);
$count = mysql_num_rows($userData);
if ($count < 1) {
echo "Count: ".$count."<BR/>"
. "User: " .$username ."<BR/>"
. "Query: " .$query;
//header('Location: log_in.php5?error=1,count='.$count.'user='.$username);
//die();
}
$count and $username are not printed in either Address nor the sql query
EDIT 2:
*Jared* eventually found the problems which were two in number:
1) $username = mysql_real_escape_string($username); <-- required a db connection $con in my case
2) $count = mysql_num_rows($userData); <-- required to pass the $result instead.
Thanks everyone!
What’s with this part?
Do a var_dump of
$userData.EDIT
and near the bottom: