0
这是一个网站的身份验证脚本。这安全吗?是最近的编程吗?它过时了吗?是否有“更安全的方式”我很新,但没有看到太多使用标题授权的地方。此登录脚本是否正常/当前/安全?
任何帮助,将不胜感激!这是我做过的第一个登录脚本,也是注册。但是我不确定我喜欢标题授权。
<?php
require_once('connectvars.php');
IF (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Register"');
exit('<h3> You must enter your username & password to continue');
}
$Dbc = mysqli_connect('localhost', 'root', '', 'learn');
$user_username = mysqli_real_escape_string($Dbc, trim($_SERVER['PHP_AUTH_USER']));
$user_password = mysqli_real_escape_string($Dbc, trim($_SERVER['PHP_AUTH_PW']));
$query = "SELECT ID, Username from members where Username = '$user_username' AND " .
"Password = SHA1('$user_password')";
$data = mysqli_query($Dbc, $query);
if (mysqli_num_rows($data) == 1) {
$row = mysqli_fetch_array($data);
$user_id = $row['ID'];
$username = $row['Username'];
}
else {
header('http/1.1 401 unauthorized');
header('www-authenticate: basic realm="Register"');
}
echo ('<p class="Login"> yo are logged in as ' . $user_username . '.</p>');
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if (empty($username)){
echo "you forgot to enter a username.</br>";
}
if (empty($password)) {
echo "you forgot to enter a password.</br>";
}
if (empty($email)) {
echo "you forgot to enter an email.</br>";
}
if(!empty($username) && !empty($password) && !empty($email)) {
$dbc = mysqli_connect('localhost', 'root', '', 'learn');
$checkusername = 'SELECT username FROM members where username = "'.$username.'"';
if (mysqli_num_rows(mysqli_query($dbc, $checkusername)) != 0)
{
echo "<font color = red> Username <font color = black><u> $username</u></font> already exists in the database.</font></br>";
$checkemail = 'Select email FROM members where email = "'.$email.'"';
if (mysqli_num_rows(mysqli_query($dbc, $checkemail)) != 0)
echo "<font color = red> Email <font color = black><u> $email</u></font> already exists in the database.</font>";
mysqli_close($dbc);
}
else
{
$query = "INSERT INTO members VALUES (0, '$username', SHA1('$password'), '$email')";
mysqli_query($dbc, $query);
echo " Username: <font color = green ><u> $username</u></font> & Password: <font color = green><u> $password</u></font> have been added to the database.";
mysqli_close($dbc);
}
}
}
?>
乍一看,我会选择一些东西。永远不要假设设置了$ _POST变量。代码格式非常糟糕。 (除非它的复制/粘贴出错了。)它对SQL注入是开放的。无论如何,codereview.stackexchange.com更适合这个。 – Corbin 2012-04-11 01:29:37
你也应该吃盐。 – xanadont 2012-04-11 02:31:26
@xanadont真的,他应该可能不会使用sha1。虽然腌制肯定会有所改进。 – Corbin 2012-04-11 03:06:12