Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Will this line of code ever be executed?

  • 20-08-2010 1:40pm
    #1
    Registered Users, Registered Users 2 Posts: 19,050 ✭✭✭✭


    ...and if so, when?

    Line 43 (see my comments)
    <?php // authenticate.php
    //include login details
    require_once 'login.php';
    //connect to mysql
    $db_server = mysql_connect($db_hostname, $db_username, $db_password);
    if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
    mysql_select_db($db_database)
        or die("Unable to select database: " . mysql_error());
    
    //check if username and password already given in by user
    if (isset($_SERVER['PHP_AUTH_USER']) &&
        isset($_SERVER['PHP_AUTH_PW']))
    {
    	//if so, retrieve and sanitise both
        $un_temp = mysql_entities_fix_string($_SERVER['PHP_AUTH_USER']);
        $pw_temp = mysql_entities_fix_string($_SERVER['PHP_AUTH_PW']);
    
    	//build mysql query string to retrieve a user's data given a username
        $query = "SELECT * FROM users WHERE username='$un_temp'";
    	//run query
        $result = mysql_query($query);
    	//if query failed die on error
        if (!$result) die("Database access failed: " . mysql_error());
    	//..otherwise get the number of rows from the result set
        elseif (mysql_num_rows($result))
        {
    		//...and fetch a full row at a time
            $row = mysql_fetch_row($result);
    		//define salts (same as those originally applied to passwords before they were stored in db)
            $salt1 = "qm&h*";
            $salt2 = "pg!@";
    		//create new md5 token with supplied pw and given salts
            $token = md5("$salt1$pw_temp$salt2");
    
    		//compare new token to current row field 4 (salted password field) 
    		//and if match echo name, welcome etc. to user. If no match, die with error.
            if ($token == $row[3]) echo "$row[0] $row[1] :
                Hi $row[0], you are now logged in as '$row[2]'";
            else die("Invalid username/password combination");
        }
    	//die if no db access succeeded but credentials could not be validated after checking all users 
    	//with the supplied username (not sure if this code will ever be executed?
        else die("Invalid username/password combination");
    }
    else	//user has not entered any credentials, so display the authentication challenge..
    {
        header('WWW-Authenticate: Basic realm="Restricted Section"');
        header('HTTP/1.0 401 Unauthorized');
        die ("Please enter your username and password");
    }
    
    //sanitisation functions as before
    function mysql_entities_fix_string($string)
    {
        return htmlentities(mysql_fix_string($string));
    }
    
    function mysql_fix_string($string)
    {
        if (get_magic_quotes_gpc()) $string = stripslashes($string);
        return mysql_real_escape_string($string);
    }
    ?>
    

    The username field should be unique (created with this code:)
    $query = "CREATE TABLE users (
                forename VARCHAR(32) NOT NULL,
                surname  VARCHAR(32) NOT NULL,
                username VARCHAR(32) NOT NULL UNIQUE,
                password VARCHAR(32) NOT NULL
            )";
    

    (btw, I switched books to something with a few less errors in it, so presuming this isn't one and I'm just not seeing the obvious! Btw, all the comments are mine (I try to comment all the example code to make me actually read and understand it, rather than cutting and pasting ;)


    Edit: scratch that...I see how it will be executed (user enters an incorrect username, db will be queried and return empty set, not null, so output of mysql_num_rows() will be 0 and it will skip that elseif block and execute the else die on line 43. I think lol.


Comments

  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    Yep, it will execute if the SQL runs correctly, but does not return any rows.


  • Registered Users, Registered Users 2 Posts: 608 ✭✭✭t0mm13b


    murphaph wrote: »
    ...and if so, when?

    Line 43 (see my comments)
    <?php // authenticate.php
    //include login details
    require_once 'login.php';
    //connect to mysql
    $db_server = mysql_connect($db_hostname, $db_username, $db_password);
    if (!$db_server) die("Unable to connect to MySQL: " . mysql_error());
    mysql_select_db($db_database)
        or die("Unable to select database: " . mysql_error());
    
    //check if username and password already given in by user
    if (isset($_SERVER['PHP_AUTH_USER']) &&
        isset($_SERVER['PHP_AUTH_PW']))
    {
    	//if so, retrieve and sanitise both
        $un_temp = mysql_entities_fix_string($_SERVER['PHP_AUTH_USER']);
        $pw_temp = mysql_entities_fix_string($_SERVER['PHP_AUTH_PW']);
    
    	//build mysql query string to retrieve a user's data given a username
        $query = "SELECT * FROM users WHERE username='$un_temp'";
    	//run query
        $result = mysql_query($query);
    	//if query failed die on error
        if (!$result) die("Database access failed: " . mysql_error());
    	//..otherwise get the number of rows from the result set
        elseif (mysql_num_rows($result))
        {
    		//...and fetch a full row at a time
            $row = mysql_fetch_row($result);
    		//define salts (same as those originally applied to passwords before they were stored in db)
            $salt1 = "qm&h*";
            $salt2 = "pg!@";
    		//create new md5 token with supplied pw and given salts
            $token = md5("$salt1$pw_temp$salt2");
    
    		//compare new token to current row field 4 (salted password field) 
    		//and if match echo name, welcome etc. to user. If no match, die with error.
            if ($token == $row[3]) echo "$row[0] $row[1] :
                Hi $row[0], you are now logged in as '$row[2]'";
            else die("Invalid username/password combination");
        }
    	//die if no db access succeeded but credentials could not be validated after checking all users 
    	//with the supplied username (not sure if this code will ever be executed?
        else die("Invalid username/password combination");
    }
    else	//user has not entered any credentials, so display the authentication challenge..
    {
        header('WWW-Authenticate: Basic realm="Restricted Section"');
        header('HTTP/1.0 401 Unauthorized');
        die ("Please enter your username and password");
    }
    
    //sanitisation functions as before
    function mysql_entities_fix_string($string)
    {
        return htmlentities(mysql_fix_string($string));
    }
    
    function mysql_fix_string($string)
    {
        if (get_magic_quotes_gpc()) $string = stripslashes($string);
        return mysql_real_escape_string($string);
    }
    ?>
    

    The username field should be unique (created with this code:)
    $query = "CREATE TABLE users (
                forename VARCHAR(32) NOT NULL,
                surname  VARCHAR(32) NOT NULL,
                username VARCHAR(32) NOT NULL UNIQUE,
                password VARCHAR(32) NOT NULL
            )";
    

    (btw, I switched books to something with a few less errors in it, so presuming this isn't one and I'm just not seeing the obvious! Btw, all the comments are mine (I try to comment all the example code to make me actually read and understand it, rather than cutting and pasting ;)


    Edit: scratch that...I see how it will be executed (user enters an incorrect username, db will be queried and return empty set, not null, so output of mysql_num_rows() will be 0 and it will skip that elseif block and execute the else die on line 43. I think lol.

    Can I offer one piece of suggestion to improve this code? .... I think, you should pass the input variables for the username and the password through a regexp to ensure that the inputs are indeed correct, sanitizing it even more...call this paranoid but it would help!
    ;)


Advertisement