Bitcoin Forum
Author Topic: [Bounty] Fix this php code for me .5 btc  (Read 11958 times)
payb.tc (Hero Member)
September 07, 2012, 01:41:05 AM
 #21

Quote:
fixed all that payb.tc said with no avail lol, came from all the cutting and pasting trying to fix this dang thing

yeah, i didn't say to remove </head>, you thought of that all by yourself Tongue
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 01:47:28 AM
 #22

Since we are getting nowhere I guess, I should let you guys see what is happening lol.

http://www.bitcoininvestorscreditunion.com/member.php
Username is   username2
password is   password


watch as it switches you will see how it displays it then vanishes

dree12 (Legendary)
September 07, 2012, 01:49:34 AM
 #23

Quote from: BitcoinINV (OP)
Since we are getting nowhere I guess, I should let you guys see what is happening lol.

http://www.bitcoininvestorscreditunion.com/member.php
Username is   username2
password is   password

watch as it switches you will see how it displays it then vanishes
Code:
<meta http-equiv="refresh" content="2;url=" />
Get rid of this.
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 01:52:01 AM
 #24

Don't even see that in the code lol

dree12 (Legendary)
September 07, 2012, 01:53:35 AM
 #25

Quote from: BitcoinINV (OP)
Don't even see that in the code lol

Here is the browser-side code:

Code:
<meta http-equiv="refresh" content="2;url=" /><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login</title>
<!--CSS Files-->
<link rel="stylesheet" type="text/css" href="assets/css/style.css" />
</head>

<body>
<div id="members" class="group">
<div class="notice success">Authentication Success</div><p class="options group"><a href="member.php?action=register">Register</a> &bull; <a href="member.php?action=recover-password">Recover Password</a></p></div>

<p>
Email: skiz22285@yahoo.com<br/>Username: username2</p>

Login Successful
<p><a href="index.php\">Click here to logout!</a></p>
</body>
</html>

Right before the DOCTYPE is a meta refresh tag. Remove that.
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 01:59:32 AM
 #26

I promise you that tag is not in my code that I can see. Is there some way it would be hidden in there?

dree12 (Legendary)
September 07, 2012, 02:00:50 AM
 #27

Quote from: BitcoinINV (OP)
I promise you that tag is not in my code that I can see. Is there some way it would be hidden in there?

Could you post "assets/member.inc.php"?
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:03:32 AM
 #28

Code:
<?php
/*
**********
Member Page
**********
*/
/* Include Class */
require_once('config.inc.php');
require_once("database.class.php");
require_once("member.class.php");
/* Start an instance of the Database Class */
$database = new database();
/* Create an instance of the Member Class */
$member = new member();
?>


This is what is in there lol, I checked config, member and I'm pretty sure it's not in the db one

dree12 (Legendary)
September 07, 2012, 02:07:38 AM
 #29

Quote from: BitcoinINV (OP)
Code:
<?php
/*
**********
Member Page
**********
*/
/* Include Class */
require_once('config.inc.php');
require_once("database.class.php");
require_once("member.class.php");
/* Start an instance of the Database Class */
$database = new database();
/* Create an instance of the Member Class */
$member = new member();
?>

This is what is in there lol, I checked config, member and I'm pretty sure it's not in the db one
It's most likely in there somewhere, as it is before the doctype. It'd be helpful if you post the three included files.
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:11:33 AM
 #30

config
Code:
<?php
/*
 * Config Include
 *
 * Used to write config information into a static var to be
 * used anywhere
 */

/*
 * Get the Config class
 */
require_once('config.class.php');

/*
 * Write settings to the config
 */
Config::write('hostname', 'l');
Config::write('database', '');
Config::write('username', '');
Config::write('password', '');
Config::write('drivers', array(PDO::ATTR_PERSISTENT => true));

Config::write('hash', 'sha512'); /* Once set DO NOT CHANGE (sha512/bcrypt) */

Config::write('bcryptRounds', '12');

Config::write('remember', true);

Config::write('captcha', true);

Config::write('email_template', 'Default');
Config::write('email_master', 'admin@bitcoininvestorscreditunion.com');
Config::write('email_welcome', false);
Config::write('email_verification', true);
?>

database
Code:
<?php
/*
 * Database Class
 *
 * Handles all the connections via PDO
 */
class database {
    /*
     * @var $pdo A reference to the PDO instance;
     *  Also used for connections via PDO.
     */
    public $pdo = null;

    /*
     * @var $statement Used to contain query for prepared statements;
     *  Also used for value binding & execution
     */
    public $statement = null;

    /*
     * Database Constructor
     *
     * This method is used to create a new database object with a connection to a database
     */
    public function __construct() {
        /* Try the connection */
        try {
            /* Create a connection with the supplied values */
            $this->pdo = new PDO("mysql:host=" . Config::read('hostname') . ";dbname=" . Config::read('database'),
                                 Config::read('username'), Config::read('password'), Config::read('drivers'));
        } catch(PDOException $e) {
            /* If any errors, echo them out and kill the script */
            print "<b>[DATABASE] Error - Connection Failed:</b> " . $e->getMessage() . "<br/>";
            die();
        }
    }

    /*
     * Database Query
     *
     * This method is used to create a new database prepared query
     *
     * @param string $query The prepared statement query to the database
     * @param array|string $bind All the variables to bind to the prepared statement
     * @return return the executed string
     */
    public function query($query, $bind = null, $fetch = 'FETCH_ASSOC') {
        /* Prepare the query statement */
        $this->statement = $this->pdo->prepare($query);
        /* Bind each value supplied from $bind */
        if($bind != null) {
            foreach($bind as $select => $value) {
                /* For each type of value give the appropriate param */
                if(is_int($value)) {
                    $param = PDO::PARAM_INT;
                } elseif(is_bool($value)) {
                    $param = PDO::PARAM_BOOL;
                } elseif(is_null($value)) {
                    $param = PDO::PARAM_NULL;
                } elseif(is_string($value)) {
                    $param = PDO::PARAM_STR;
                } else {
                    $param = false;
                }
                /* Bind value. PDO::PARAM_NULL is 0, so compare against false
                 * rather than testing truthiness, or null values never get bound */
                if($param !== false) {
                    $this->statement->bindValue($select, $value, $param);
                }
            }
        }
        /* Execute Query & check for any errors */
        if(!$this->statement->execute()){
            /* The array keys did not survive the forum post as extracted; kept positional */
            $result = array(
                'false',
                '<b>[DATABASE] Error - Query:</b> There was an error in sql syntax',
            );
            return $result;
        }
        /* Return all content (null if $fetch names no known mode) */
        $result = null;
        if($fetch == 'FETCH_ASSOC') {
            $result = $this->statement->fetch(PDO::FETCH_ASSOC);
        } elseif($fetch == 'FETCH_BOTH') {
            $result = $this->statement->fetch(PDO::FETCH_BOTH);
        } elseif($fetch == 'FETCH_LAZY') {
            $result = $this->statement->fetch(PDO::FETCH_LAZY);
        } elseif($fetch == 'FETCH_OBJ') {
            $result = $this->statement->fetch(PDO::FETCH_OBJ);
        } elseif($fetch == 'fetchAll') {
            $result = $this->statement->fetchAll();
        }
        return $result;
    }
}
?>

The member one is empty

dree12 (Legendary)
September 07, 2012, 02:22:54 AM
 #31

Okay, the hunt for the meta refresh is really going nowhere. Keep looking for it, and remove it when you find it. Meanwhile, a workaround is to keep the user logged in.

At the top of the page:
<?php
// Start or resume a session
session_start();
?>

In the "Login successful" area of the code:
<?php
$con = mysql_connect('localhost', '', '') or die('Could not connect: ' . mysql_error());
mysql_select_db("", $con);
// If we have a login active, assume authentication
if (isset($_SESSION['username'])) $username = $_SESSION['username'];
// Otherwise, we will authenticate the password
else {
    $username = $_POST['username'];
    $username = mysql_real_escape_string($username);
    // PUT YOUR PASSWORD AUTHENTICATION HERE
    $_SESSION['username'] = $username;
}

// Now, we display the email and username as requested
$result = mysql_query("SELECT * FROM users WHERE username='$username'");
$row = mysql_fetch_array($result);
echo "Email: " . $row['email'] . "<br/>";
echo "Username: " . $row['username'];

// Finally, close our connection
mysql_close($con);
?>
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:35:31 AM
 #32

I figured it out on my own.... But dree, for all your help I would like to pay you and also ask if you would be willing to help me with code as needed, of course you will be paid. What's the address? The code that needed to be changed was..... drum roll

Code:
$result=mysql_query("SELECT * FROM users WHERE username='$username'");

To

Code:
$result=mysql_query("SELECT * FROM `users` LIMIT 0, 30 ");

dree12 (Legendary)
September 07, 2012, 02:39:23 AM
 #33

Quote from: BitcoinINV (OP)
I figured it out on my own.... But dree, for all your help I would like to pay you and also ask if you would be willing to help me with code as needed, of course you will be paid. What's the address? The code that needed to be changed was..... drum roll

Code:
$result=mysql_query("SELECT * FROM users WHERE username='$username'");

To

Code:
$result=mysql_query("SELECT * FROM `users` LIMIT 0, 30 ");
I don't think this does what you think it does. This happens to work with only one user, but if the number of users increase, then there will be a problem.

My address is 16GF23SM6mprHQt55Acav2d2NhzrM5obYF. I will divide the amount up to the others who have helped appropriately.
Inaba (Legendary)
September 07, 2012, 02:41:35 AM
 #34

For the love of god, turn this off of a live server right now.  It's like a poster child for an SQL injection exploit.  Never. Ever. Ever. Ever. Ever. put raw, unsanitized data into your SQL query.  mysql_real_escape_string() is not enough.

Also (and I'm guilty of this, I admit) do not die with the mysql_error.  Give a generic message and log the error somewhere that is not open to the public.

If you're searching these lines for a point, you've probably missed it.  There was never anything there in the first place.
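The "login successful" snippet dree12 gave in #31, reworked along the lines Inaba describes above, as an added example that is not code from this thread: the username reaches MySQL only as a bound parameter, and a database failure is logged on the server while the visitor sees a generic message. It assumes PHP 7.1+, a `users` table with `username` and `email` columns, and placeholder credentials (`example_db`, `example_user`, `example_password`) that are not from the thread.

```php
<?php
// Added example, not code from the thread: dree12's snippet with the
// query parameterised and errors logged rather than echoed.
// Assumes a `users` table (username, email) and placeholder credentials.
session_start();

function connectDb(): PDO {
    return new PDO('mysql:host=localhost;dbname=example_db;charset=utf8mb4',
                   'example_user', 'example_password', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION, // throw instead of returning false
        PDO::ATTR_EMULATE_PREPARES => false, // let MySQL parse the statement and bind server-side
    ]);
}

/* Look up one user by name. The SQL text never contains the username; it is
 * sent separately as a bound parameter, so a value such as "x' OR '1'='1"
 * is compared literally against the column and simply matches nothing. */
function findUser(PDO $pdo, string $username): ?array {
    $stmt = $pdo->prepare('SELECT email, username FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

try {
    $pdo = connectDb();
    if (isset($_SESSION['username'])) {
        $username = $_SESSION['username'];
    } else {
        $username = $_POST['username'] ?? '';
        // PUT YOUR PASSWORD AUTHENTICATION HERE (the same placeholder as dree12's snippet)
        $_SESSION['username'] = $username;
    }
    $row = findUser($pdo, $username);
    if ($row === null) {
        echo 'Unknown user';
    } else {
        // Escape on output as well, so a stored value cannot inject HTML into the page
        echo 'Email: ' . htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8') . '<br/>';
        echo 'Username: ' . htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
    }
} catch (PDOException $e) {
    // Generic message for the visitor; the real error goes only to the server log
    error_log('[DATABASE] ' . $e->getMessage());
    echo 'A database error occurred. Please try again later.';
}
```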
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:42:01 AM
 #35

Sent, you're right lol it just shows my login name and email... it's got to be something in that line then

gweedo (Legendary)
September 07, 2012, 02:45:06 AM
 #36

Quote from: Inaba
For the love of god, turn this off of a live server right now.  It's like a poster child for an SQL injection exploit.  Never. Ever. Ever. Ever. Ever. put raw, unsanitized data into your SQL query.  mysql_real_escape_string() is not enough.

Also (and I'm guilty of this, I admit) do not die with the mysql_error.  Give a generic message and log the error somewhere that is not open to the public.


but PDO would be over his head obviously, so can't really help him
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:45:27 AM
 #37

Quote from: Inaba
For the love of god, turn this off of a live server right now.  It's like a poster child for an SQL injection exploit.  Never. Ever. Ever. Ever. Ever. put raw, unsanitized data into your SQL query.  mysql_real_escape_string() is not enough.



Figured double salt would stop that but I don't know much about coding, this is my first shot lol. Have a friend who does site security, going to get him to give it a go over when I'm all done

payb.tc (Hero Member)
September 07, 2012, 02:47:37 AM
 #38

Quote from: Inaba
For the love of god, turn this off of a live server right now.  It's like a poster child for an SQL injection exploit.  Never. Ever. Ever. Ever. Ever. put raw, unsanitized data into your SQL query.  mysql_real_escape_string() is not enough.

Also (and I'm guilty of this, I admit) do not die with the mysql_error.  Give a generic message and log the error somewhere that is not open to the public.


financial website
+
$5 dev budget
+
source posted on public forum

what could possibly go wrong? Cheesy
BitcoinINV (OP) (Sr. Member)
September 07, 2012, 02:48:34 AM
 #39

Quote from: gweedo
Quote from: Inaba
For the love of god, turn this off of a live server right now.  It's like a poster child for an SQL injection exploit.  Never. Ever. Ever. Ever. Ever. put raw, unsanitized data into your SQL query.  mysql_real_escape_string() is not enough.

Also (and I'm guilty of this, I admit) do not die with the mysql_error.  Give a generic message and log the error somewhere that is not open to the public.

but PDO would be over his head obviously, so can't really help him

I don't want to hear nothing after that horrible website you posted the other day and you call yourself a pro lol. I'm a straight noob at coding and my shit looks 10 times better than yours. Bet everyone wishes they could use one page email forms.


This is going no where time to lock...
