Theo Theo - 7 months ago 23
SQL Question

Security issue,php/mysql

In my CMS i don't have a registration system. Just a login one,meaning that the password is predefined inside the table. Ie I put my username and my set up password and I can successfully login. However that password is visible inside my table. How can I hash it? When I do that using sha1,I can't login. I have to login with the exact password which is stored in the table.

Here is my code.

<?php
session_start();
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Admin Area</title>
<link rel="stylesheet" href="login-css.css" media="all"/>
</head>

<body>
<div class="login">
<h1>Admin Login</h1>
<form method="post">
<input type="text" name="user_name" placeholder="Username"
required="required" />
<input type="password" name="user_pass" placeholder="Password"
required="required" />
<button type="submit" class="btn btn-primary btn-block btn-large"
name="login">Admin Login</button>
</form>

</div>

<h2 style="color:#FFF; text-align:center"><?php echo
@$_GET['not_authorized']; ?></h2>

</body>


</html>

<?php

include("includes/connect.php");
if(isset($_POST['login'])){
$user_name = mysqli_real_escape_string($con,$_POST['user_name']);
$user_pass = mysqli_real_escape_string($con,$_POST['user_pass']);


$check_user = "select * from user where user_name='$user_name' AND user_password='$user_pass'";

$run_user = mysqli_query($con,$check_user);



if(mysqli_num_rows($run_user)>0){

$_SESSION['user_name'] = $user_name;

echo "<script>window.open('index.php?logged=You have successfully
Logged In','_self')</script>";
}else{
echo "<script>alert('Username or password is incorrect')</script>";
}
}
?>


And my table sql code.

CREATE TABLE IF NOT EXISTS `user` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`user_name` varchar(100) NOT NULL,
`user_password` varchar(100) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;

INSERT INTO `user` (`id`, `user_name`, `user_password`) VALUES
(7, 'theo', 'test');


So the password should not be shown as test.

Any ideas,

Thanks.

Answer

You can convert the password $user_pass = mysqli_real_escape_string($con,$_POST['user_pass']); sha1 and pass it to query.

But better idea is collect the user information with user name and check the converted password(sha1) string with the password column value you retrieved from the query.