If the login details are wrong, the system will show "Fail login" correctly.

But when the details are correct, the system will show "C:\Users\Alex\Desktop\OSMAD\8.5\root\Project\test3.php on line 25
Fail login"

Here is the PHP text:

```php
<?php

    $host = "127.0.0.1";

    $username = "root";

    $password = "usbw";

    $dbname =  "forum_system";

    // Connect to server
    $connect = mysql_connect($host, $username, $password)
        or die ("Sorry, unable to connect database server");

    $dbselect = mysql_select_db($dbname,$connect)
        or die ("Sorry, unable to connect database");

    $Name   = $_POST['Name'];
    $Password = $_POST['Password'];

    $result = mysql_query("select * from users where name = '$Name' and 
        password = '$Password'")
    or die("Sorry, query failed".mysql_error());

    $row = mysql_fetch_array($result);

    if ( $row['Name'] == $Name && $row['Password'] == $Password ) {
        echo "welcome";
    } else {
        echo "Fail login";
    }
?>
```
Alex Lui
  • I advise you to read [Safe Password Hashing](https://php.net/manual/en/faq.passwords.php) and [How can I prevent SQL injection in PHP?](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1), as your current code is prone to [SQL injection](https://en.wikipedia.org/wiki/SQL_injection) and [timing attacks](https://en.wikipedia.org/wiki/Timing_attack) because of the check `$row['Password'] == $Password`. – Raymond Nijland Jun 24 '19 at 10:23
  • Show your table structure with an entry. – Developer Jun 24 '19 at 10:25
  • Also, `WHERE ... AND password = '$Password'` in the SQL might also be prone to timing attacks if the password column is part of an index, as databases are designed to return as quickly as possible, which is especially the case with indexes. You need to do `SELECT password FROM users WHERE name = 'name '` and then the [password_verify()](https://www.php.net/manual/en/function.password-verify.php), where it does not matter if the column name is indexed, as it is safe. – Raymond Nijland Jun 24 '19 at 10:34
  • In the DB all column names seem to be in lower case, and in PHP you used first letter caps. – suresh bambhaniya Jun 24 '19 at 10:37
  • Seems like a delicious script for SQL Injection :P – Shudhansh Shekhar Jun 24 '19 at 10:39

1 Answer

Well, MySQL table column names are case sensitive. So instead of `$row['Name']` and `$row['Password']` you should use `$row['name']` and `$row['password']`. So the line:

```php
if ( $row['Name'] == $Name && $row['Password'] == $Password )
```

should be replaced with:

```php
if ( $row['name'] == $Name && $row['password'] == $Password )
```

Also, use mysqli or MySQL_PDO instead of the mysql functions. The mysql extension has been removed in PHP 7.0.0.

Nadir Latif
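
The comments and the answer above together point to a prepared statement, lowercase column keys and `password_verify()`; the following is an added example that combines them, not code from the question or the answer. It assumes PDO (an in-memory SQLite database stands in for the MySQL `forum_system` database so it runs offline), a `users` table that stores `password_hash()` output, and a hypothetical `checkLogin()` helper.

```php
<?php
declare(strict_types=1);

// Assumption: in-memory SQLite replaces the MySQL server so this runs offline;
// against MySQL only the DSN and credentials passed to PDO change.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Constructed sample account: only the password_hash() output is stored.
$insert = $pdo->prepare('INSERT INTO users (name, password) VALUES (:name, :hash)');
$insert->execute([
    ':name' => 'alex',
    ':hash' => password_hash('correct horse', PASSWORD_DEFAULT),
]);

// Fixed dummy hash so an unknown user still costs one password_verify() call.
define('DUMMY_HASH', password_hash('dummy value', PASSWORD_DEFAULT));

// Hypothetical helper: true only for an existing user with a matching password.
function checkLogin(PDO $pdo, string $name, string $password): bool
{
    // Bound parameter: $name is sent as data, never spliced into the SQL text.
    $stmt = $pdo->prepare('SELECT password FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // PHP array keys are case-sensitive: the key is "password", not "Password".
    $hash = ($row === false) ? DUMMY_HASH : $row['password'];

    // The comparison happens inside password_verify(), not in SQL or with ==.
    $matches = password_verify($password, $hash);
    return $matches && $row !== false;
}

// Constructed inputs standing in for $_POST['Name'] and $_POST['Password'].
$attempts = [
    ['alex', 'correct horse'],   // valid credentials
    ['alex', 'wrong password'],  // known user, wrong password
    ["o'brien", 'anything'],     // quote in the name is bound as plain data
    ['nobody', 'correct horse'], // unknown user
];

foreach ($attempts as [$name, $password]) {
    // Same message for every failure, so the response does not reveal which part was wrong.
    echo $name, ': ', checkLogin($pdo, $name, $password) ? 'welcome' : 'Fail login', PHP_EOL;
}
```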