所以我一直在尝试一个php项目,并且一切正常。 即使有错误的详细信息,登录页面也会重定向到仪表板。因此,无论登录详细信息如何,基本上都会绕过登录。同样,通过直接放置“ sitename / dashboard”也可以绕过登录。下面是我的代码。
<?php
require('inc/dbPlayer.php');
require('inc/sessionManager.php');
$msg="";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST["btnLogin"])) {
$db = new \dbPlayer\dbPlayer();
$msg = $db->open();
if ($msg == "true") {
$userPass = md5("hms2015".$_POST['password']);
$loginId = $_POST["email"];
$query = "select loginId,userGroupId,password,name,userId from users where loginId='" . $loginId . "' and password='" . $userPass . "';";
var_dump($query);
$result = $db->getData($query);
//var_dump($result);
$info = array();
while ($row = mysql_fetch_assoc($result)) {
array_push($info, $row['loginId']);
array_push($info, $row['userGroupId']);
array_push($info, $row['password']);
array_push($info, $row['name']);
array_push($info, $row['userId']);
}
//$db->close();
$ses = new \sessionManager\sessionManager();
$ses->start();
$ses->Set("loginId", $info[0]);
$ses->Set("userGroupId", $info[1]);
$ses->Set("name", $info[3]);
$ses->Set("userIdLoged", $info[4]);
if (is_null($info[0])) {
$msg = "Login Id or Password Wrong!";
}
else
{
}
if($info[1]=="UG004")
{
header('Location: http://localhost/hms/sdashboard.php');
}
elseif($info[1]=="UG003")
{
header('Location: http://localhost/hms/edashboard.php');
}
else
{
header('Location: http://localhost/hms/dashboard.php');
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>HMS</title>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel-body">
<form name="login" action="index.php" accept-charset="utf-8" method="post" enctype="multipart/form-data">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="E-mail/Login ID" name="email" type="text" autofocus required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password" value="" required>
</div>
<div class="checkbox">
<label>
<input name="remember" type="checkbox" value="Remember Me">Remember Me
</label>
<a href="#" class="red pull-right">Forget Password</a>
<label id="loginMsg" class="red"><?php echo $msg ?></label>
</div>
<button type="submit" name="btnLogin" class="btn btn-lg btn-success btn-block"><i class="glyphicon glyphicon-log-in"></i> Login</button>
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
namespace dbPlayer;
class dbPlayer {
private $db_host="localhost";
private $db_name="hms";
private $db_user="root";
private $db_pass="";
protected $con;
public function open(){
$con = mysql_connect($this->db_host,$this->db_user,$this->db_pass);
if($con)
{
$dbSelect = mysql_select_db($this->db_name);
if($dbSelect)
{
return "true";
}
else
{
return mysql_error();
}
}
else
{
return mysql_error();
}
}
public function close()
{
$res=mysql_close($this->con);
if($res)
{
return "true";
}
else
{
return mysql_error();
}
}
public function insertData($table,$data)
{
$keys = "`" . implode("`, `", array_keys($data)) . "`";
$values = "'" . implode("', '", $data) . "'";
//var_dump("INSERT INTO `{$table}` ({$keys}) VALUES ({$values})");
mysql_query("INSERT INTO `{$table}` ({$keys}) VALUES ({$values})");
return mysql_insert_id().mysql_error();
}
public function registration($query,$query2)
{
$res=mysql_query($query);
if($res)
{
$res=mysql_query($query2);
if($res)
{
return "true";
}
else
{
return mysql_error();
}
}
else
{
return mysql_error();
}
}
public function getData($query)
{
$res = mysql_query($query);
if(!$res)
{
return "Can't get data ".mysql_error();
}
else
{
return $res;
}
}
public function update($query)
{
$res = mysql_query($query);
if(!$res)
{
return "Can't update data ".mysql_error();
}
else
{
return "true";
}
}
public function updateData($table,$conColumn,$conValue,$data)
{
$updates=array();
if (count($data) > 0) {
foreach ($data as $key => $value) {
$value = mysql_real_escape_string($value); // this is dedicated to @Jon
$value = "'$value'";
$updates[] = "$key = $value";
}
}
$implodeArray = implode(', ', $updates);
$query ="UPDATE ".$table." SET ".$implodeArray." WHERE ".$conColumn."='".$conValue."'";
//var_dump($query);
$res = mysql_query($query);
if(!$res)
{
return "Can't Update data ".mysql_error();
}
else
{
return "true";
}
}
public function delete($query)
{
$res = mysql_query($query);
// var_dump($query);
if(!$res)
{
return "Can't delete data ".mysql_error();
}
else
{
return "true";
}
}
public function getAutoId($prefix)
{
$uId="";
$q = "select number from auto_id where prefix='".$prefix."';";
$result = $this->getData($q);
$userId=array();
while($row = mysql_fetch_assoc($result))
{
array_push($userId,$row['number']);
}
// var_dump($UserId);
if(strlen($userId[0])>=1)
{
$uId=$prefix."00".$userId[0];
}
elseif(strlen($userId[0])==2)
{
$uId=$prefix."0".$userId[0];
}
else
{
$uId=$prefix.$userId[0];
}
array_push($userId,$uId);
return $userId;
}
public function updateAutoId($value,$prefix)
{
$id =intval($value)+1;
$query="UPDATE auto_id set number=".$id." where prefix='".$prefix."';";
return $this->update($query);
}
public function execNonQuery($query)
{
$res = mysql_query($query);
if(!$res)
{
return "Can't Execute Query".mysql_error();
}
else
{
return "true";
}
}
public function execDataTable($query)
{
$res = mysql_query($query);
if(!$res)
{
return "Can't Execute Query".mysql_error();
}
else
{
return $res;
}
}
}
<?php
namespace sessionManager;
class sessionManager {
public function Set($key,$value)
{
$_SESSION[$key] = $value;
// $_SESSION['start'] = time();
// $_SESSION['expire'] = $_SESSION['start'] + (30 * 60);
}
public function Get($key)
{
// session_start();
if(isset($_SESSION[$key])) {
return $_SESSION[$key];
}
else
{
return null;
}
}
public function isExpired()
{
//session_start();
$now = time();
if ($now > $_SESSION['expire']) {
session_unset();
session_destroy();
return true;
}
else
{
return false;
}
}
public function remove($key)
{
//session_start();
unset($_SESSION[$key]);
}
public function start()
{
session_start();
$_SESSION['start'] = time();
$_SESSION['expire'] = $_SESSION['start'] + (30 * 60);
}
}
答案 0 :(得分:0)
一些提示:
require值不应放在方括号中。mysql_函数,该库现已已停止,并且在PHP 7中不可用。日期为2012年,并使用mysqli_或PDO。 (Why?)md5来哈希密码。使用PHP内置的password_hash()函数。 (How?)return mysql_error();)。您应该将错误发送到错误日志(error_log(print_r(mysql_error(),true));),以使公众看不到该错误的详细信息。 在数据库交互中使用 Prepared Statements 。 ([如何?(https://phpdelusions.net/mysqli))
Header("Location: ... ");函数应始终紧跟exit; / die();
__constuct()的功能。 (why?)return true;代替return "true"; mysql_函数,为什么仍要使用它们?停止阅读并更新您的代码库!使用mysqli_或PDO。 (Why?)您需要做很多阅读工作,也需要学习很多东西。我想说好运,但是您不需要任何运气,您需要阅读并致力于学习如何use PHP properly。
玩得开心。
答案 1 :(得分:-1)
无论是否在数据库中记录,都需要应用一个条件。如果没有,那么您需要绕过登录页面。更改此代码,如下所示:
if ($msg == "true") {
$userPass = md5("hms2015".$_POST['password']);
$loginId = $_POST["email"];
$query = "select loginId,userGroupId,password,name,userId from users where loginId='" . $loginId . "' and password='" . $userPass . "';";
var_dump($query);
$result = $db->getData($query);
//var_dump($result);
if (mysql_num_rows($result) > 0) { // means user is logged in
$info = array();
while ($row = mysql_fetch_assoc($result)) {
array_push($info, $row['loginId']);
array_push($info, $row['userGroupId']);
array_push($info, $row['password']);
array_push($info, $row['name']);
array_push($info, $row['userId']);
}
//$db->close();
$ses = new \sessionManager\sessionManager();
$ses->start();
$ses->Set("loginId", $info[0]);
$ses->Set("userGroupId", $info[1]);
$ses->Set("name", $info[3]);
$ses->Set("userIdLoged", $info[4]);
if (is_null($info[0])) {
$msg = "Login Id or Password Wrong!";
}
else
{
}
if($info[1]=="UG004")
{
header('Location: http://localhost/hms/sdashboard.php');
}
elseif($info[1]=="UG003")
{
header('Location: http://localhost/hms/edashboard.php');
}
else
{
header('Location: http://localhost/hms/dashboard.php');
}
}
}
但是我建议您使用PDO,因为mysql已经过时了。此外,您的代码也可以广泛用于SQL注入,因此也请阅读有关内容。希望它对您有所帮助,但使您的代码可靠。