• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Need help: "authorization" script...

Mr. Goodie2Shoes

Well-known member
#1
Hello there, I am just trying to create a script and users need to log-in with the details in "login.php" and the info will be forwarded to "./lib/authorize.php" using the "POST" method and here's the code snippet for the "authorize.php" file:
PHP:
<?php
if(!isset($_GET['do'])){
    die();
}else{
    switch ($_GET['do']){
        case logout:
            setcookie('ooht-session-start', '', time()-3600, "/", $_SERVER['HTTP_HOST']);
            setcookie('ooht-session-ip', '', time()-3600, "/", $_SERVER['HTTP_HOST']);
            setcookie('ooht-authorize-id', '', time()-3600, "/", $_SERVER['HTTP_HOST']);
            header('Location: ../login.php');
        break;
        
        case login:
            $user_login_request = $_POST['name'];
            $pass_login_request = $_POST['authorize_code'];
            
            include('config.php');
            $DB_connect_zero = mysql_connect($xenCODE_OOHT_DB_server, $xenCODE_OOHT_DB_user, $xenCODE_OOHT_DB_pass);
            $DB_connect = mysql_select_db($xenCODE_OOHT_DB_name, $DB_connect_zero);
            $DB_query = mysql_query("SELECT * FROM ooht_users WHERE users_name = `$user_login_request`");
            $DB_field = mysql_fetch_array($DB_query);
            
            if($user_login_request != $DB_field['users_name']){
                echo "There's no such username!";
            }else{
                if($DB_field['users_password'] != sha1(sha1($pass_login_request).$DB_field['users_salt'])){
                    echo "Username and password doesn't match!";
                }else{
                    if($_POST['remember'] == "on"){
                        $cookie_life = 60*60*24*30;
                    }else{
                        $cookie_life = 60*60*1;
                    }
                    $session_start_time = time();
                    
                    setcookie('ooht-name', $user_login_request, time()+60*60*24*30, "/", $_SERVER['HTTP_HOST']);
                    setcookie('ooht-session-start', $session_start_time, time()+$cookie_life, "/", $_SERVER['HTTP_HOST']);
                    setcookie('ooht-session-ip', sha1($_SERVER["REMOTE_ADDR"]), time()+$cookie_life, "/", $_SERVER['HTTP_HOST']);
                    setcookie('ooht-authorize-id', md5(sha1($user_login_request).$session_start_time.sha1($_SERVER['REMOTE_ADDR'])), time()+$cookie_life, "/", $_SERVER['HTTP_HOST']);
                    
                    header('Location: ../index.php');
                }
            }
        break;
    }
} ?>
I tried debugging the code but no result, only a blank page :|
 

Robbo

Well-known member
#2
That isn't even sanitized. Adding `;DROP TABLE ooht_users would drop that table for example. Surely there is a library you can include to use instead? If it is to do with XenForo you could use Zend_Db. And also Zend_Request_Http. Those are from memory so might be wrong.