php密码验证覆盖功能返回false
我正在尝试创建一个覆盖功能,其中用户键入现有登录凭据,验证返回的结果行是否与这些凭据匹配,然后验证该用户是否具有分配给他们的覆盖角色。如果两个MySQL语句都返回true,我想运行最后一个查询,从编码表中删除一行 在我的当前代码中,程序传递第一条if语句并运行第二条SELECT语句。然后,如果要移动到第三个SELECT语句,它似乎会运行第二个SELECT语句。但是,在第三个if语句中,DELETE语句不成功 我想我有几个问题:php密码验证覆盖功能返回false,php,mysql,authentication,passwords,Php,Mysql,Authentication,Passwords,我正在尝试创建一个覆盖功能,其中用户键入现有登录凭据,验证返回的结果行是否与这些凭据匹配,然后验证该用户是否具有分配给他们的覆盖角色。如果两个MySQL语句都返回true,我想运行最后一个查询,从编码表中删除一行 在我的当前代码中,程序传递第一条if语句并运行第二条SELECT语句。然后,如果要移动到第三个SELECT语句,它似乎会运行第二个SELECT语句。但是,在第三个if语句中,DELETE语句不成功 我想我有几个问题: 我不知道我是否正确比较了密码 问题是否由嵌套的if语句引起 我的问
- 我不知道我是否正确比较了密码
- 问题是否由嵌套的if语句引起
- 我的问题是“if($result1){…}”(假设只要SELECT语句在返回0个结果的情况下成功运行,
就会返回true)result1
- 我的变量已成功发布,且数据类型正确
- 仅使用第一条if/else语句,即使输入了错误的凭据,警报响应也始终是“成功”结果
这不是答案,但只是想让您知道,您的代码容易受到SQL注入的攻击。试着阅读准备好的语句来解决这个问题。是的,我想使用准备好的语句,但我觉得我在试图确定原始程序员在db中加密密码的方式时遇到了问题……你认为他们是这样做的,但看起来并没有发生,这是非常糟糕的。这是使用静态加密密钥,这基本上毫无价值。这一切都是错误的。你真的应该解密所有这些密码,并在你的网站被破坏之前正确地散列它们。那么,在计划进行安全更新以解决密码问题的同时,你有什么建议可以让应用程序工作吗?首先要做的是使用带有占位符值的准备语句来清除这些密码所有这些垃圾都被清理掉了。第二件事是停止创建无用的变量,比如$sql1
,而是直接准备查询:$stmt=$conn->prepare(“SELECT…”)
,以消除混乱。也不清楚为什么会有一个登录查询,然后是另一个与一个附加子句几乎相同的查询。第二个应该没有必要。获取用户信息,然后比较角色值。
<?php
include('[db connection page]');
if ((isset($_POST['overrideUsername'])) and (isset($_POST['overridePassword'])) and (isset($_POST['overrideUniqueID']))) {
$overrideUsername = $_POST['overrideUsername'];
$overridePassword = $_POST['overridePassword'];
$overrideUniqueID = $_POST['overrideUniqueID'];
//connect to the database
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if(mysqli_connect_errno() ) {
printf('Could not connect: ' . mysqli_connect_error());
exit();
}
$conn->select_db($dbname);
if(! $conn->select_db($dbname) ) {
echo 'Could not select database. '.'<BR>';
}
$sql1 = "SELECT * FROM users WHERE (users.login = \"".mysqli_real_escape_string($overrideUsername)."\") AND (users.password = ENCODE(\"".mysqli_real_escape_string(overridePassword)."\",\"".mysqli_real_escape_string(ENCRYPTION_SEED)."\"))";
$result1 = $conn->query($sql1);
if ($result1) {
$sql2 = "SELECT * FROM users INNER JOIN rolestousers ON (users.id=rolestousers.userid) WHERE (users.login = \"".mysqli_real_escape_string($overrideUsername)."\") AND (users.password =ENCODE(\"".mysqli_real_escape_string(overridePassword)."\",\"".mysqli_real_escape_string(ENCRYPTION_SEED)."\")) AND (rolestousers.roleid = '154')";
$result2 = $conn->query($sql2);
if ($result2) {
$sql3 = "DELETE * FROM locator_time_track_out WHERE locator_time_track_out.uniqueid = '.$overrideUniqueID'";
$result3 = $conn->query($sql3);
if ($result3) {
echo 'Override Successful! Please scan the unit again to close it out.';
} else {
echo 'Could Not Delete Record from the Table.';
}//End $sql3 num_rows if.
} else {
echo 'User does not have override permission. Please contact the IT Department.';
}//End $sql2 num_rows if.
} else {
echo 'Your login information is incorrect. Please try again. If the issue persists, contact the IT Department.';
}//End $sql1 num_romws if.
//Free the result variable.
$result1->free();
$result2->free();
$result3->free();
//Close the Database connection.
$conn->close();
}//End If statement
include('[db connection file name');
if ((isset($_POST['overrideUsername'])) and (isset($_POST['overridePassword'])) and (isset($_POST['overrideUniqueID']))) {
$overrideUsername = $_POST['overrideUsername'];
$overridePassword = $_POST['overridePassword'];
$overrideUniqueID = $_POST['overrideUniqueID'];
//connect to the database
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if(mysqli_connect_errno() ) {
printf('Could not connect: ' . mysqli_connect_error());
exit();
}
$conn->select_db($dbname);
if(! $conn->select_db($dbname) ) {
echo 'Could not select database. '.'<BR>';
}
$sql1 = "SELECT * FROM users WHERE (users.login = ?) AND (users.password = ?)";
$stmt1 = $conn->prepare($sql1);
$stmt1->bind_param('ss', $overrideUsername, $overridePassword);
$stmt1->execute();
$stmt1->store_result();
if ($stmt1->num_rows == 1) {
$sql2 = "SELECT * FROM users INNER JOIN rolestousers ON (users.id=rolestousers.userid) WHERE (users.login = ?) AND (users.password = ?) AND (rolestousers.roleid = '154')";
$stmt2 = $conn->prepare($sql2);
$stmt2->bind_param('ss', $overrideUsername, $overridePassword);
$stmt2->execute();
$stmt2->store_result();
if ($stmt2->num_rows == 1) {
$sql3 = "DELETE * FROM locator_time_track_out WHERE locator_time_track_out.uniqueid = ?";
$stmt3 = $conn->prepare($sql2);
$stmt3->bind_param('s', $overrideUniqueID);
$stmt3->execute();
$stmt3->store_result();
if ($stmt3->num_rows == 1) {
echo 'Override Successful! Please scan the unit again to close it out.';
} else {
echo 'Could Not Delete Record from the Table.';
}//End $sql3 num_rows if.
} else {
echo 'User does not have override permission. Please contact the IT Department at ext. 0102.';
}//End $sql2 num_rows if.
} else {
echo 'Your login information is incorrect. Please try again. If the issue persists, contact the IT Department at ext. 0102.';
}//End $sql1 num_romws if.
//Free the result variable.
$stmt1->free();
$stmt2->free();
$stmt3->free();
//Close the Database connection.
$conn->close();
}//End If statement