
Thread: Database problem

  1. #1
    itiquint is offline x10Hosting Member
    Join Date
    Jun 2012
    Posts
    1

    Database problem

    Hi guys, I had a problem with my site.

    On my site you must log in with an account and password, of course, but when I log in nothing appears; locally it works perfectly. I'm posting my source; I hope you can help me. Thanks.

    index.php
    PHP Code:
    <?phpsession_start();
    $_SESSION['tipo']=1000;
    $_SESSION['user']="";
    ?>
    <html lang="it">
    <head>
    <meta charset="utf-8">
    <meta name="viewport" content="user-scalable=no, width=device-width" />
    <title> REGISTRO ELETTRONICO 5a Binfo ITIS MAJORANA</title>
    <link rel="stylesheet" href="#" media="screen">
    <style type="text/css">
    <!--
    .Stile1 {
    font-size: xx-large;
    font-weight: bold;
    }
    -->
    </style>
    </head>
    <body>
    <header>
    <hgroup>
    <h1> REGISTRO ELETTRONICO 5a Binf ITIS MAJORANA</h1>
    <h2>BENVENUTI!</h2>
    </hgroup>
    </header>
    <h1 align="center" class="Stile1">LOG IN</h1>
    <form id="form_index" action="esegui_login.php" method="post">
    <section align="right">
    <div align="center">
    <p><font size="4">USER:</font> </p>
    <p>
    <Input type = 'text' name = 'user' size=6>
    </br>
    <font size="4">PASSWORD:</font>
    <input type='password' size = 6 name='pwd'>
    <input name="login" type="submit"value="ACCEDI">
    </p>
    </div>
    </section>
    </form>
    </body>
    </html>
    esegui_login.php
    PHP Code:
    <html><head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>Login</title>
    </head>

    <body>
    <?php
    include 'db_connection/config.php';
    include 'db_connection/db_connection.php';

    $user=$_POST['user'];
    $_SESSION['id']=$user;
    $pwd=$_POST['pwd'];
    $password=md5($pwd);
    $query="SELECT user From login where user='".$user."'";
    $ris=mysql_query($query);
    $record=mysql_fetch_array($ris);
    if(!$record)
    {
    echo "Nome utente non valido";
    }
    else
    {
    $query="SELECT Id_user FROM login WHERE user='".$user."' and password='".$password."'";
    $risu=mysql_query($query);
    $rec=mysql_fetch_array($risu);

    if(!$rec[0])
    {
    echo "password errata";
    }
    else
    {
    $query_grant="SELECT tipo,cod_anag from login where user='".$user."'";
    $ris_grant=mysql_query($query_grant);
    $record_grant=mysql_fetch_array($ris_grant);
    $_SESSION['tipo']=$record_grant[0];
    $_SESSION['cod_anag']=$record_grant[1];
    switch($record_grant[0]){

    case 0:
    break;

    case 1:
    header ("refresh:0;index_segre.php");
    break;

    case 2:
    header ("refresh:0;index_prof.php");
    break;

    case 3:
    header ("refresh:0;index_user.php");
    break;
    }
    }
    }

    mysql_close($connect);
    ?>
    </body>
    </html>
    config.php
    PHP Code:
    <?php

    $db_user="****_*****";
    $db_pwd="*******";
    $db_host="localhost";
    $db_name="*****_registro_elettronico";
    ?>
    Last edited by descalzo; 06-29-2012 at 09:40 AM. Reason: mask db details

  2. #2
    dboorx73 is offline x10Hosting Member
    Join Date
    Jun 2012
    Posts
    1

    jd

    Resolve the problem that the large size of the database

  3. #3
    misson is offline x10 Spammer
    Join Date
    Mar 2008
    Location
    Libertatia
    Posts
    2,573

    Re: Database problem

    The Scripts, 3rd Party Apps, and Programming forum is more appropriate for coding issues. The Free Hosting forum is more for administrative issues.

    Please use [php], [html] or [code] tags (as appropriate) to separate and format code.

    Quote Originally Posted by itiquint View Post
    PHP Code:
    $user=$_POST['user'];
    [...]
    $query="SELECT user From login where user='".$user."'";
    [...]
    $query="SELECT Id_user FROM login WHERE user='".$user."' and password='".$password."'";
    [...]
    $query_grant="SELECT tipo,cod_anag from login where user='".$user."'"
    The posted code is vulnerable to SQL injection, which is a very serious security risk. To fix this hole, switch from the outdated mysql extension to PDO and use prepared statements.

    Instead of the three separate SQL queries, perform one that fetches the necessary information (the password, tipo and cod_anag columns) and compare the hashes in PHP rather than SQL. Better still, use a Data Access Layer (DAL) so the rest of the system isn't dependent on the storage & retrieval methods.

    Quote Originally Posted by itiquint View Post
    PHP Code:
    $password=md5($pwd); 
    MD5 is considered broken by security professionals. No less than Bruce Schneier wrote back in 2008:
    But -- come on, people -- no one should be using MD5 anymore.
    Use a newer hashing function, such as whirlpool or something from the SHA2 family (SHA256, SHA512) or (better still) Blowfish (using crypt()). Any of these hashing functions can in turn be the basis of a tunable key derivation function (see also essellar and Callum's discussion on "Create User Accounts"). Your password scheme is also vulnerable to rainbow tables. Add salt to fix this. Give each user a unique salt (a "nonce") and store that in a column in table `login`.

    To update your code without impacting existing users:
    1. Add a new column to your users table indicating which hash function was used. It could be a BOOLEAN value indicating that the p/w needs updating, or a string naming the hash function:
      1. `md5` BOOLEAN NOT NULL DEFAULT TRUE,
      2. `hash` VARCHAR(16) NOT NULL DEFAULT 'md5',

      The latter option allows you to easily support whatever hashing functions are available on the host.
    2. Register new users using the newer hashing function.
    3. When a user logs in, check whether their password is hashed using MD5 or not. If it is, expire their password (this is a good chance to have users enter new passwords). Alternatively, if the validation succeeds, re-hash the password and update the database.
    4. If using the 1st column option, drop the column when there are no more MD5 hashed passwords (SELECT COUNT(*) FROM users WHERE `md5`=TRUE is 0).


    <br/> (as it's being used), <font> and the align attribute are presentational HTML. Moreover, <font> is obsolete and align is completely absent in HTML5. Replace them with semantic HTML and use CSS for styling. (Also, "</br>" is invalid, as it's the close tag for a <br>, which is forbidden to have a close tag.)

    Quote Originally Posted by itiquint View Post
    PHP Code:
    <?phpsession_start();
    $_SESSION['tipo']=1000;
    $_SESSION['user']="";
    ?>
    The missing space will prevent PHP from interpreting this block.

    Upon successful login, you should regenerate the session ID to prevent session fixation. Chances are your authentication system also needs something to prevent session hijacking, though that's trickier to do.

    Quote Originally Posted by itiquint View Post
    HTML Code:
    <form id="form_index" action="esegui_login.php" method="post">
      <section align="right">
    This doesn't appear to be semantically correct. <section> should mark a section of the document that would appear in an outline: e.g. a chapter, a tabbed page or a numbered section. <fieldset> is more appropriate.
    Last edited by misson; 07-01-2012 at 01:11 AM.
    Be sure to read all pages linked in this post; they have further information that should prove useful. When asking for help, make sure you follow Jon Skeet's and Eric Raymond's guidelines for prompt, accurate responses. Please answer any questions I ask; they're not rhetorical (probably). Any posted code is intended as illustrative example, rather than a solution to your problem to be copied without alteration. Study it to learn how to write your own solution.
    Misson, not Mission.
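    Example code added here (not itiquint's code, and not misson's): one way to write esegui_login.php as the reply above describes, with a single PDO prepared statement, the hash comparison done in PHP, the MD5-to-bcrypt migration using the `hash` column option from step 1, and session ID regeneration on success. It assumes PHP 5.3.7 or later (for `$2y$` bcrypt through crypt()), a `login` table with columns user, password, hash, tipo and cod_anag, and config.php defining $db_host, $db_name, $db_user and $db_pwd; bcrypt_hash and slow_equals are helper names of my choosing.

```php
<?php
// Added example, not itiquint's or misson's code: esegui_login.php redone along the lines of
// misson's reply. Assumes PHP >= 5.3.7 ($2y$ bcrypt via crypt()), a `login` table with columns
// user, password, hash, tipo, cod_anag, and config.php defining $db_host, $db_name, $db_user, $db_pwd.
session_start();
require 'db_connection/config.php';
$pdo = new PDO("mysql:host=$db_host;dbname=$db_name;charset=utf8", $db_user, $db_pwd,
    array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false));

function bcrypt_hash($plain, $cost = 10) {
    // 22-character salt from the bcrypt alphabet [./A-Za-z0-9]; needs the OpenSSL extension.
    $salt = substr(strtr(base64_encode(openssl_random_pseudo_bytes(16)), '+', '.'), 0, 22);
    return crypt($plain, sprintf('$2y$%02d$', $cost) . $salt);
}
function slow_equals($a, $b) {
    // Constant-time comparison: does not stop at the first differing byte.
    if (strlen($a) !== strlen($b)) { return false; }
    $diff = 0;
    for ($i = 0, $n = strlen($a); $i < $n; $i++) { $diff |= ord($a[$i]) ^ ord($b[$i]); }
    return $diff === 0;
}

$user = isset($_POST['user']) ? $_POST['user'] : '';
$pwd  = isset($_POST['pwd'])  ? $_POST['pwd']  : '';
// One prepared query fetches everything; $user is bound as a parameter, never concatenated.
$stmt = $pdo->prepare('SELECT password, hash, tipo, cod_anag FROM login WHERE user = ?');
$stmt->execute(array($user));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$ok = false;
if ($row && $row['hash'] === 'md5') {
    // Legacy row (migration step 3): verify once with MD5, then re-hash with bcrypt.
    $ok = slow_equals($row['password'], md5($pwd));
    if ($ok) {
        $upd = $pdo->prepare('UPDATE login SET password = ?, hash = ? WHERE user = ?');
        $upd->execute(array(bcrypt_hash($pwd), 'bcrypt', $user));
    }
} elseif ($row) {
    $ok = slow_equals($row['password'], crypt($pwd, $row['password']));
}
if (!$ok) {
    echo 'Utente o password non validi';  // same message for both failures: no username enumeration
    exit;
}
session_regenerate_id(true);              // fresh session ID on login defeats session fixation
$_SESSION['id'] = $user;
$_SESSION['tipo'] = (int) $row['tipo']; $_SESSION['cod_anag'] = $row['cod_anag'];
$pages = array(1 => 'index_segre.php', 2 => 'index_prof.php', 3 => 'index_user.php');
if (isset($pages[$_SESSION['tipo']])) { header('Location: ' . $pages[$_SESSION['tipo']]); exit; }
```

    Registration (step 2) then stores bcrypt_hash($pwd) with hash = 'bcrypt', and the md5 rows disappear as users log in.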

  4. #4
    misson is offline x10 Spammer
    Join Date
    Mar 2008
    Location
    Libertatia
    Posts
    2,573

    Re: Database problem

    There's currently a proposal to add PBKDF2 to PHP's hash extension, which is built as part of the core. It won't be available until PHP 5.5 at the earliest (barring custom PHP builds), but if you write your own PBKDF2 function, give it the same API as in the proposal so yours can be replaced with the standard. You can even use function_exists to conditionally define your function, so that yours will be used only if a native version doesn't exist. Be aware that though the proposal has reached the vote-phase, there may yet be changes to the API.
    Last edited by misson; 07-02-2012 at 08:51 PM.
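    An added example (not misson's code) of what the post above suggests: a user-land PBKDF2 (RFC 2898) defined only when function_exists finds no native hash_pbkdf2(), with the argument order the function later shipped with in PHP 5.5 ($algo, $password, $salt, $iterations, $length = 0, $raw_output = false). pbkdf2_self_test is a helper name of my choosing; it checks the result against the first RFC 6070 test vector.

```php
<?php
// Added example, not misson's code: a user-land PBKDF2 (RFC 2898) with the same
// signature as PHP 5.5's hash_pbkdf2(), defined only when no native version exists,
// so the built-in takes over automatically once the host's PHP provides it.
if (!function_exists('hash_pbkdf2')) {
    function hash_pbkdf2($algo, $password, $salt, $iterations, $length = 0, $raw_output = false)
    {
        $hash_len = strlen(hash($algo, '', true));        // digest size in bytes
        if ($length === 0) {                               // 0 means "full digest", as in the native API
            $length = $raw_output ? $hash_len : 2 * $hash_len;
        }
        // $length counts bytes for raw output and hex characters otherwise.
        $key_len = $raw_output ? $length : (int) ceil($length / 2);
        $output = '';
        for ($i = 1; $i <= ceil($key_len / $hash_len); $i++) {
            // T_i = U_1 xor ... xor U_c, with U_1 = PRF(P, S || INT(i)) and U_j = PRF(P, U_{j-1});
            // the PRF is HMAC-$algo keyed with the password.
            $u = hash_hmac($algo, $salt . pack('N', $i), $password, true);
            $t = $u;
            for ($j = 1; $j < $iterations; $j++) {
                $u = hash_hmac($algo, $u, $password, true);
                $t ^= $u;                                  // PHP XORs strings byte by byte
            }
            $output .= $t;
        }
        $output = substr($output, 0, $key_len);
        return $raw_output ? $output : substr(bin2hex($output), 0, $length);
    }
}

// Self-check against RFC 6070 test vector 1: PBKDF2-HMAC-SHA1, P="password", S="salt", c=1, dkLen=20.
// Returns true whether the user-land or the native function answered, which is the point of the guard.
function pbkdf2_self_test()
{
    return hash_pbkdf2('sha1', 'password', 'salt', 1, 40) === '0c60c80f961f0e71f3a9b524af6012062fe037a6';
}
```

    For password storage, pair it with a per-user random salt stored in `login` and an iteration count high enough to be slow, as the earlier reply describes.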
