Is this login system secure ?
if ($_POST[$submit]){
$user = $_POST[$user];
$pass = $_POST[$pass];
if ($user && $pass){ //if user and pass is enterered
require("vars.php"); //require MySQL conection settings
mysql_connect($auth_mysql_server, $auth_mysql_user, $auth_mysql_pass); //connect to MySQL
mysql_select_db($auth_mysql_db); // select MySQL database
$pass = md5($pass); // hash password
$query = mysql_query("SELECT * FROM $auth_mysql_table WHERE user='$user'"); // run query
$numrows = mysql_num_rows($query);
if ($numrows == 1){ //check if user exists
$row = mysql_fetch_assoc ($query);
$dbid = $row[$auth_mysql_id_row];
$dbuser = $row[$auth_mysql_user_row];
$dbpass = $row[$auth_mysql_pass_row];
if ($pass == $dbpass){ // if password is equal to the one in the database start session
session_start();
//set session information
$_SESSION['user'] = $dbuser;
header("Location:$auth_loggedin"); // goto logged in page
}
else return (3);
}
else return (2);
mysql_close(); // close MySql connection
}
else return (1);}
If not how could i make it secure ?
I hashed the password but i know md5 can be decrypted however sha1 can be too.Also is themysql_close() needed ?
no it is not secure. you are opening yourself to sql-injection attacks. imagine what would happen, if somebody entered this into your user-input-field (which goes into the $_POST[$user])
this would result in an sql statement like this:
which you would execute against your database. that’s bad!
you need to sanitize your input. read this: http://php.net/manual/en/security.database.sql-injection.php
edit: relevant