I was working for a personal project, where i am developing a simple login system which has simple authorization methods such as is_logged_in,login,register and logout.
I was wondering how can i make my login system safe from hijacking,man in the middle and fixiation?
Here is my code:
class Auth extends Session
{
public $ip_address;
public $timestamp;
public $user_agent;
public function __construct()
{
$this->ip_address = $_SERVER['REMOTE_ADDR'];
$this->user_agent = $_SERVER['HTTP_USER_AGENT'];
$this->timestamp = date('Y-m-d H:i:s');
}
public function login($table = 'users',$username,$password,$username_column = 'username',$password_column = 'password')
{
if(!isset($username,$password))
{
return FALSE;
} else {
$username = mysql_real_escape_string($username);
$password = md5(strip_tags($password));
$query = "SELECT * FROM $table WHERE $username_column='$username' AND $password_column='$password'";
if(mysql_num_rows($query) != 0)
{
$session_vars = array(
'session_id' => session_id(),
'username' => stripcslashes($username),
'ip_address' => $this->ip_address,
'user_agent' => $this->user_agent,
'timestamp' => $this->timestamp
);
$this->set_array($session_vars);
$session_query = "INSERT INTO sessions(session_id,username,ip_address,user_agent,timestamp)";
$session_query .= "VALUES('".implode(",'",$session_vars)."')";
mysql_query($session_query) or die(mysql_error());
return TRUE;
}else{
return FALSE;
}
}
}
Hijacking/fixation: regenerate your SID on each request.
Middle man attack: Use SSL
And for the love of god, do not accept session information through
GETorPOST.