[Tool/Web/Other] UCP 0.1
#1

Hey guys
Last night I started making an UCP System for my server, so I wanted to discuss with you the possible security issues with the code. It is consisted from 3 files, index.php, connect.php and login.php.
Please don't mind the current layout because it is only a work in progress, I am just interested in the possible security issues.

index.php
Код:
<html>
<head><title>Balkan Underground UCP</title></head>
<body>
<form action="login.php" method="post">
<table align="center">
<tr>
<td align="center">
<b><font size="4" color="#000080">Balkan Underground UCP</font></b>
</td>
</tr>
<tr align="center">
<td>
<p><input type="text" name="User" size="20" /></p>
<p><input type="password" name="Password" size="20" /></p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="submit" />
<input type="reset" /> </p>
</td>
</tr>
</table>
</form>
</body>
</html>
connect.php
Код:
<?php
$con = mysql_connect("localhost","testuser","*********");
mysql_select_db("testuser");
?>
login.php
Код:
<?php
include("connect.php");
session_start();
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
  if(isset($_SESSION["Username"]))
  {
    $user = $_SESSION["Username"];
    $pass = $_SESSION["Password"];
  }
  else
  {
    $user = $_POST["User"]; 
    $pass = $_POST["Password"];
    $_SESSION['Username'] = $user;
    $_SESSION['Password'] = $pass;
    $escuser = mysql_real_escape_string($user);
    $escpass = mysql_real_escape_string($pass);
  }
  $query = "SELECT * FROM users WHERE pUsername = '$escuser'";
  $result = mysql_query($query);
  $username_exist = mysql_num_rows($result);
  if($username_exist == 0)
  {
    echo 'That profile does not exist! <br />';
    echo '<a href="index.php">Idi nazad</a>';
    unset($_SESSION['Username']);
    unset($_SESSION['Password']);
    die;
  }  
  $row = mysql_fetch_row($result);
  if($row[2] !== $escpass)
  {
    echo 'Password is not valid!  <br />';
    echo '<a href="index.php">Idi nazad</a>';
    unset($_SESSION['Username']);
    unset($_SESSION['Password']);
    die;
  }

$message = "Welcome $escuser!<br />";
echo $message;
echo "<br />";
echo "
<table border = 1>
  <tr>
    <td>Level</td>
    <td>$row[7]</td>
  </tr>
  <tr>
    <td>Expirience</td>
    <td>$row[8]</td>
  </tr>
  <tr>
    <td>Hours Played</td>
    <td>$row[9]</td>
  </tr>

  <tr>
    <td>Money</td>
    <td>$$row[10]</td>
  </tr>
  <tr>
    <td>Bank</td>
    <td>$$row[11]</td>
  </tr>
</table>";
?>
Live test: URL
User: demo
Pass: demo
Reply
#2

what's this !!!!!!!!!!!!!
Reply
#3

This is a UCP where people can see their stats
Reply
#4

It might have future. 1st of all do some graphics, then move on to admin cp, where admins can change users stats passwords, etc.
Edit: Haha lol, bu-rp.info, kinda funny
Reply
#5

Quote:
Originally Posted by Oliverraisk
Посмотреть сообщение
Edit: Haha lol, bu-rp.info, kinda funny
and why is that so?
Reply
#6

PHP код:
function sanitizeString($var){
$var stripslashes($var);
$var htmlentities($var);
$var strip_tags($var);
return 
$var;

Use this for escaping forms.

PHP код:
function sanitizeSQL($var){
$var mysql_real_escape_string($var);
$var sanitizeString($var);
return 
$var;

Use this for escaping mysql string.

These codes are efficient and enhances security against SQL and XSS attacks.

If you want more security against passwords use this technique:

PHP код:

$Salt1 
"#$@#%#$!@$@#1234223233";
$Salt2 "#*$(#@$&AJDSU#341224334";
$Hash md5("$Salt1$password$Salt2"); 
Reply
#7

thank you very much xFlawless, I expected your answer
Reply
#8

Nice UCP but you should add some graphic on it
Reply
#9

yea, I know, it's only in 0.1
last night i started developing, when I add more stuff, I'll release it here
thank you for your comment
Reply
#10

No problem, check my post i edited it.
Reply
#11

niiice, very clever
Reply
#12

Yes, but the people needs to modify something in the script like pUsername depends what they have in script
Reply
#13

this is not released yet to be used by the public, i've opened this topic to get usefull info about better security than the one that has been implemented in the curent script
Reply
#14

Can you please post all files by compressing them in a .rar or .zip and upload and share? or you just want help in coding that for you created topic?
Reply
#15

Quote:
Originally Posted by royal_king
Посмотреть сообщение
Can you please post all files by compressing them in a .rar or .zip and upload and share? or you just want help in coding that for you created topic?
If you can understand he mentioned he wants to know possible security issues.
Reply
#16

add .db file
Reply
#17

read above guys:

Quote:
Originally Posted by Gigi-The-Beast
Посмотреть сообщение
this is not released yet to be used by the public, i've opened this topic to get usefull info about better security than the one that has been implemented in the curent script
Reply
#18

Can you post another demo link?
Reply
#19

Nice work but why don't you use a MVC framework? It can semplify your life a lot
Reply
#20

can you explain a bit more?
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)