Login in PHP with permission levels

12

I have a problem with my code to separate the logins. I want a login with Rank = 1 to be redirected to one page, and a login with Rank = 0 to go to another page. I tried to do it but got no result, because it always sends me to the same page. How do I resolve this?

<?php
require_once 'config.php';

$userName = $_POST["user-name"];
$userPass = $_POST["user-pass"];
$criptSen = hash("whirlpool", $userPass);
@$rediURL = $_GET["url"];

$SQL = mysql_query("SELECT Usuario, Senha FROM utilizadores WHERE Usuario='$userName' AND Senha='$criptSen'");
$query = mysql_query($SQL);
while($row = mysql_fetch_array($query)){
    $rank = $row["Rank"];
}
if(mysql_num_rows($SQL) != 0){

    session_start();

    $_SESSION['Usuario'] = $userName;
    $_SESSION['Senha']   = $criptSen;

    if($rank = 0){
        header("Location: membro.php");
    } elseif($rank = 1) {
        header("Location: admin/index.php");
    }
} else {
    header("Location: index.php");
}
?>

Code to protect internal pages (Rank = 1):

<?php
session_start();

@$Usuario = $_SESSION["Usuario"];
@$Senha   = $_SESSION['Senha'];   // stored by the login page above
@$Rank    = $_SESSION['Rank'];

if(!(isset($Usuario) && isset($Senha))){

    $url = explode("/", $_SERVER["REQUEST_URI"]);

    header("Location: index1.php?url=$url[3]");

} else if(isset($Usuario) && isset($Senha)){

    $SQL = mysql_query("SELECT Usuario, Senha FROM utilizadores WHERE Usuario='$Usuario' AND Senha='$Senha' AND Rank=1");

    if(mysql_num_rows($SQL) == 0){

        echo "<script>alert(\"Area Restrita\");</script>";
        header("Location: ../index.php");
    }
}
?>

asked by anonymous 18.04.2014 / 12:25

4 answers

15

Normalization of the question's PHP code

Obs: mysql_* is obsolete in new versions of PHP, so this code could be written with mysqli or PDO, but I followed the question.

Errors found:

$userName = $_POST["user-name"];
$userPass = $_POST["user-pass"];
@$rediURL = $_GET["url"];

Did not use isset to test $_POST and $_GET; the best practice would be to use filter_input.

$SQL = mysql_query("SELECT Usuario, Senha FROM utilizadores WHERE Usuario='$userName' AND Senha='$criptSen'");
$query = mysql_query($SQL);

Notice that he called mysql_query 2 times!!!

$rank = $row["Rank"];

Notice that he wanted to get Rank without selecting it in the SQL.

if($rank = 0){
  header("Location: membro.php");
} elseif($rank = 1) {
     header("Location: admin/index.php");
}

Compared $rank with just one equals sign; comparison uses 2 equals, or 3 if you also want to test the type besides the value.

$_SESSION['Usuario'] = $userName;
$_SESSION['Senha']   = $criptSen;

Saved the password in the session; why wouldn't this be a security breach?

Standard code

<?php
    require_once 'config.php';
    session_start(); // must run before anything is written to $_SESSION

    $userName = isset($_POST["user-name"]) ? $_POST["user-name"] : '0';
    $userPass = isset($_POST["user-pass"]) ? $_POST["user-pass"] : '0';

    if ($userName != '0' && $userPass != '0'){

        $criptSen = hash("whirlpool", $userPass);
        $rediURL  = isset($_GET["url"]) ? $_GET["url"] : '';

        $SQL = "SELECT Usuario, Senha, Rank FROM utilizadores WHERE Usuario='$userName' AND Senha='$criptSen' limit 1";
        $query = mysql_query($SQL);

        if ($query && mysql_num_rows($query) > 0)
        {
            $row = mysql_fetch_array($query);
            $_SESSION['Usuario'] = $row['Usuario'];
            $_SESSION['Rank']    = $row['Rank'];
            mysql_free_result($query);

            if($row['Rank'] == 0){
                header("Location: membro.php");
            } else {
                if($row['Rank'] == 1) {
                    header("Location: admin/index.php");
                }
            }
            exit; // stop here so nothing below the redirect runs

        } else {
            if ($query){
                mysql_free_result($query);
            }
            header('location: index.php');
            exit;
        }

    } else {
        header('location: index.php');
        exit;
    }
?>

Why did I save Rank in the session?

So that on each page load you can test whether that user is allowed to view the page.

Standardization of the next page

<?php
    session_start();
    $Usuario = isset($_SESSION["Usuario"]) ? $_SESSION["Usuario"] : '';
    $Rank    = isset($_SESSION['Rank'])    ? $_SESSION['Rank']    : '';

    if ($Usuario != '' && $Rank == 1){
        // AUTHORIZED
        // here the user has Rank = 1 and is logged in as Usuario
    }
    else
    {
        // NOT AUTHORIZED
        // note: output sent before header() prevents the redirect unless output buffering is on
        echo "<script>alert(\"Area Restrita\");</script>";
        header("Location: ../index.php");
        exit; // without this the protected page's content is still sent
    }
?>

Obs: Note that you do not need to access the database again, because $Rank is in $_SESSION and you can retrieve it from there; you can use this template for the various pages of your system. Another note: do not use script (JavaScript) in the middle of PHP; redirecting to a page with a message saying the user is not authorized is probably a lot better.

18.04.2014 / 18:18
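The same login flow written with PDO prepared statements and password_hash()/password_verify() in place of mysql_* and the whirlpool digest, added here as an example and not part of the answer above. It assumes config.php defines a PDO connection in $pdo and that the Senha column stores password_hash() output; table and column names are taken from the question.

```php
<?php
// Added example: login with PDO prepared statements and password_verify().
// Assumes config.php defines $pdo (a PDO connection) and that the Senha column
// holds password_hash() output instead of a whirlpool digest.
require_once 'config.php';
session_start();

// Reject the request outright if the form fields are missing (the isset point above).
$userName = filter_input(INPUT_POST, 'user-name');
$userPass = filter_input(INPUT_POST, 'user-pass');
if ($userName === null || $userPass === null || $userName === '' || $userPass === '') {
    header('Location: index.php');
    exit;
}

// Placeholder binding: the user-supplied value never becomes part of the SQL text.
$stmt = $pdo->prepare('SELECT Usuario, Senha, Rank FROM utilizadores WHERE Usuario = ? LIMIT 1');
$stmt->execute([$userName]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// Compare against the stored hash; an unknown user and a wrong password take the same path.
if ($row === false || !password_verify($userPass, $row['Senha'])) {
    header('Location: index.php');
    exit;
}

// Fresh session id on privilege change, and only identity and rank are stored:
// the password (or its hash) never goes into the session.
session_regenerate_id(true);
$_SESSION['login']   = true;
$_SESSION['Usuario'] = $row['Usuario'];
$_SESSION['Rank']    = (int) $row['Rank'];

// Redirect by rank; exit so nothing after the header is executed or sent.
header('Location: ' . ($_SESSION['Rank'] === 1 ? 'admin/index.php' : 'membro.php'));
exit;
```

Storing a password_hash() value requires the Senha column to be long enough for the chosen algorithm's output (60 characters for bcrypt).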
5

Your SELECT returns the Usuario and Senha fields, but you try to read $row["Rank"]. Change the SELECT to:

$SQL = mysql_query("SELECT Usuario, Senha, Rank FROM utilizadores WHERE Usuario='$userName' AND Senha='$criptSen'");

And change the comparison to == instead of just =:

if($rank == 0){
  header("Location: membro.php");
} elseif($rank == 1) {
     header("Location: admin/index.php");
}

18.04.2014 / 14:50
3

The error is in =; the correct operator is ==.

if($rank == 0)
{
  header("Location: membro.php");
} 
elseif($rank == 1) 
{
  header("Location: admin/index.php");
}

See Comparison Operators on php.net.

18.04.2014 / 16:24
2

I'm not going to suggest rewriting it in OO because it looks like it is already underway, so keeping the current structure, at least create a function to do this check on the protected pages and call that function instead of repeating the code on every page.

Another thing: the colleague's idea of using the session is good, but if you go that way, save a value like $_SESSION['login'] = true; instead of saving the password in the session, so you will not have to check the database all the time to know whether the password matches.

19.04.2014 / 01:36
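One way to implement the reusable check this answer asks for, added here as an example and not code from the thread. It assumes the login page stored $_SESSION['login'] = true, $_SESSION['Usuario'] and an integer $_SESSION['Rank'], and that the function lives in a shared include (the auth.php name is hypothetical). It generalizes the page's two ranks to a minimum-rank check.

```php
<?php
// Added example: one guard function shared by all protected pages, instead of
// repeating the check in every file. Assumes the login page stored
// $_SESSION['login'] = true, $_SESSION['Usuario'] and $_SESSION['Rank'] (an int).

/**
 * Stop the request unless a logged-in user with at least $minRank is present.
 * The redirect is followed by exit; without it PHP keeps running and the
 * protected page's HTML is still sent after the Location header.
 */
function requireRank(int $minRank, string $loginUrl = '/index.php'): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    $loggedIn = !empty($_SESSION['login']) && isset($_SESSION['Usuario'], $_SESSION['Rank']);

    if (!$loggedIn) {
        // Remember where the user wanted to go so the login page can send them back.
        $back = rawurlencode($_SERVER['REQUEST_URI'] ?? '/');
        header('Location: ' . $loginUrl . '?url=' . $back);
        exit;
    }

    if ((int) $_SESSION['Rank'] < $minRank) {
        // Logged in but not allowed here: 403 plus a plain message, no JavaScript alert.
        http_response_code(403);
        echo 'Area Restrita';
        exit;
    }
}

// Usage at the top of admin/index.php (admin pages need Rank 1):
// require_once __DIR__ . '/../auth.php';   // hypothetical shared include
// requireRank(1);
// Member pages would call requireRank(0).
```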