Welcome to Scribd!

PHP Login Form With Anti SQL Injection Script

Uploaded by

0% found this document useful (0 votes)

202 views6 pages

This document provides instructions for setting up a PHP login form with anti-SQL injection protection. It includes creating a database table to store user credentials, scripts for the login form, validation of user input, session handling, and login timeout functionality to prevent unauthorized access. The purpose is to allow users to log in securely while preventing SQL injection attacks.

Original Description:

Copyright

Available Formats

DOC, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as DOC, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

202 views6 pages

PHP Login Form With Anti SQL Injection Script

Uploaded by

Rezy Alt

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as DOC, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 6

Search inside document

HACK ME -- PHP Login Form with ANTI SQL INJECTION Script.

>> DATABASE: CREATE TABLE IF NOT EXISTS ùsers` ( ùsername` varchar(50) COLLATE latin1_general_ci NOT NULL, `password` varchar(50) COLLATE latin1_general_ci NOT NULL, `full_name` varchar(100) COLLATE latin1_general_ci NOT NULL, èmail` varchar(100) COLLATE latin1_general_ci NOT NULL, `phone` varchar(20) COLLATE latin1_general_ci NOT NULL, `level` varchar(20) COLLATE latin1_general_ci NOT NULL DEFAULT 'user', `block` enum('Y','N') COLLATE latin1_general_ci NOT NULL DEFAULT 'N', ìd_session` varchar(100) COLLATE latin1_general_ci NOT NULL, PRIMARY KEY (ùsername`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci; >> SCRIPT: 1. public_html/login_form.php <form name="login" action="config/login_check.php" method="post"> <table> <tr><td>Username</td><td> : <input type="text" name="username"></td></tr> <tr><td>Password</td><td> : <input type="password" name="password"></td></tr> <tr><td colspan="2"><input type="submit" value="Login"></td></tr> </table> </form>

2. public_html/config/login_check.php

<?php include "conn.php"; //connection file function anti_injection($data){ $filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES)))); return $filter; } $username = anti_injection($_POST['username']); $pass = anti_injection(md5($_POST['password']));

//make sure the username and password are character or number. if (!ctype_alnum($username) OR !ctype_alnum($pass)){ echo "Bingo!! Now the login form is secure. No more SQL Injection."; } else{ $login=mysql_query("select * from users where username='$username' and password='$pass' and block='N'"); $found=mysql_num_rows($login); $r=mysql_fetch_array($login); //If found the username and password if ($found > 0){ session_start(); include "timeout.php"; $_SESSION[username] $_SESSION[fullname] $_SESSION[passuser] = $r[username]; = $r[full_name]; = $r[password];

$_SESSION[leveluser] // session timeout $_SESSION[login] = 1; timer(); $old_sid = session_id(); session_regenerate_id(); $new_sid = session_id();

= $r[level];

mysql_query("update users set id_session='$new_sid' where username='$username'"); header('location:../clientarea/index.php'); //page redirection, after success login } else{ echo "<center>LOGIN FAILED!!<br/> Wrong username or password.<br/> Or your account being blocked.<br/>"; echo "<a href=../index.php><b>Please repeat again.</b></a></center>"; } } ?> 3. public_html/config/timeout.php <?php session_start(); function timer(){ $time=10000; //set the timer $_SESSION[timeout]=time()+$time; } function login_check(){

$timeout=$_SESSION[timeout]; if(time()<$timeout){ timer(); return true; }else{ unset($_SESSION[timeout]); return false; } } ?>

4. public_html/config/logout.php <?php session_start(); session_destroy(); echo "<center>You have successfully exit the system.<b>[LOGOUT]</b></center>"; ?> 5. Add this script before "<html>" tag to the public_html/clientarea/ALLPAGES.PHP (all pages) <?php session_start(); error_reporting(0); include "../config/timeout.php"; if($_SESSION[login]==1){ if(!login_check()){ $_SESSION[login] = 0; }

} if($_SESSION[login]==0){ header('location:../config/logout.php'); } else{ if (empty($_SESSION['username']) AND empty($_SESSION['passuser']) AND $_SESSION['login']==0){ <center>To access this area, you have to login first!<br/>"; echo "<a href=../index.php><b>LOGIN</b></a></center>"; } else{ ?> <html> 6. And add this closing script after "</html>" tag to the public_html/clientarea/ALLPAGES.PHP (all pages) </html> <?php } } ?>  If any mistakes, please remind me. ;-) I think need some explanatiion here. Mmm.. maybe next.. if I have a time, I will explain.. Just try it.. to test your "HACKING" skill, okay.. ;-p

Thanks.

CSS for Hotel Bookings
From Everand
CSS for Hotel Bookings
Abdelfattah Ragab
No ratings yet
PHP Login Form With Anti SQL Injection Script
Document4 pages
PHP Login Form With Anti SQL Injection Script
redazaza
No ratings yet
Login System
Document61 pages
Login System
Guru Balan
No ratings yet
Login Form Controller
Document7 pages
Login Form Controller
Eric Gabrielson
No ratings yet
PHP Login System
Document9 pages
PHP Login System
mortu100
No ratings yet
Materi Login
Document5 pages
Materi Login
Christine Verina
No ratings yet
DokumentasiLSP HandriKusuma 191011400870 AbsenNo5
Document18 pages
DokumentasiLSP HandriKusuma 191011400870 AbsenNo5
Khaironi Daffa Karim Ansharri
No ratings yet
Open Source Technologies - PHP Lab
Document55 pages
Open Source Technologies - PHP Lab
KUMANA JAYASHREE.R B.Sc(CS)
No ratings yet
C40 Day3 Assignment2
Document9 pages
C40 Day3 Assignment2
Nataliya Karmarkar
No ratings yet
Secure Login
Document9 pages
Secure Login
Gap
No ratings yet
PHP Login Script Tutorial
Document6 pages
PHP Login Script Tutorial
Ruliyadi Irawan
No ratings yet
Sweetalertlink
Document5 pages
Sweetalertlink
princess bermundo
No ratings yet
chatGPT PHP
Document7 pages
chatGPT PHP
rbarbarin
No ratings yet
H1D021056 - Muhammad Hanif - SoundCloud - H - RESPONSI2
Document10 pages
H1D021056 - Muhammad Hanif - SoundCloud - H - RESPONSI2
Azazel Lucifer
No ratings yet
Source Coode
Document31 pages
Source Coode
Qhueng VaLencia Francisco
No ratings yet
Creating A Login Script With PHP and Mysql
Document4 pages
Creating A Login Script With PHP and Mysql
DBocar
100% (8)
Belajar Login
Document8 pages
Belajar Login
musang789.king
No ratings yet
Practical Module 6
Document30 pages
Practical Module 6
Augen Livere D'prinzessin
No ratings yet
246 Gheewala Shivam
Document29 pages
246 Gheewala Shivam
Mayur Panchal
No ratings yet
Creating Multi User Role Based Admin Using PHP Mysql and Bootstrap
Document8 pages
Creating Multi User Role Based Admin Using PHP Mysql and Bootstrap
Moses Kabete
No ratings yet
Create Table
Document4 pages
Create Table
Dwi Wahono
No ratings yet
Laraver Login Personalizado
Document11 pages
Laraver Login Personalizado
to tavares
No ratings yet
HTML Code For User Login : Rel Type Href
Document4 pages
HTML Code For User Login : Rel Type Href
Abhirup Roy
100% (1)
Include Include
Document6 pages
Include Include
Kristine Ferry
No ratings yet
WP Config - PHP
Document20 pages
WP Config - PHP
Anonymous GyWzu5pH
No ratings yet
All Codes
Document143 pages
All Codes
joshuabianzon012
No ratings yet
PBT2 Web Programming (F2022, F2026)
Document19 pages
PBT2 Web Programming (F2022, F2026)
Akmal Azhar
No ratings yet
OSS - Lab - Exc Final
Document29 pages
OSS - Lab - Exc Final
Selva Raj. I
No ratings yet
PHP Login Page Example
Document2 pages
PHP Login Page Example
Hawk Eye
No ratings yet
Login Script
Document3 pages
Login Script
Indrawati M Jusuf
No ratings yet
Lab Session No.-11: Object
Document15 pages
Lab Session No.-11: Object
Pravesh maurya
No ratings yet
PHP, Mysql and Authentication 101
Document9 pages
PHP, Mysql and Authentication 101
ringku2k
No ratings yet
Bikin Sign Up Dan Sign in Pake PHP Code
Document3 pages
Bikin Sign Up Dan Sign in Pake PHP Code
oshinmc
No ratings yet
Model Praktikum PWPB CI 4 (Login)
Document4 pages
Model Praktikum PWPB CI 4 (Login)
Ade Rizki ID
No ratings yet
Website For Salon 2
Document4 pages
Website For Salon 2
Rabbi Ali
No ratings yet
SDL Assignment 5
Document4 pages
SDL Assignment 5
TYCOC173Anish Powar
No ratings yet
Hacked by Mom
Document7 pages
Hacked by Mom
testusr
No ratings yet
Login System
Document6 pages
Login System
Vansh Rana
No ratings yet
Hacked by Brother
Document3 pages
Hacked by Brother
testusr
No ratings yet
Activation Button
Document4 pages
Activation Button
Asna Mohamed
No ratings yet
A Basic Guide To Implement A SOAP Client in PHP: Downloading, Installing and Configuring PHP
Document8 pages
A Basic Guide To Implement A SOAP Client in PHP: Downloading, Installing and Configuring PHP
Ng Meried
No ratings yet
(QUIZ) (Show Comment With User Name) (PHP Code)
Document8 pages
(QUIZ) (Show Comment With User Name) (PHP Code)
logoempire 004
No ratings yet
Code
Document4 pages
Code
kanade000999
No ratings yet
Source Code To Edith
Document8 pages
Source Code To Edith
CG Torres
No ratings yet
Compatible PHP Con SAP
Document13 pages
Compatible PHP Con SAP
Iribel Betancourt
No ratings yet
Making Login Menu With PHP and mySQL
Document38 pages
Making Login Menu With PHP and mySQL
Didi Haryadi
No ratings yet
Executing Arbitrary SQL
Document5 pages
Executing Arbitrary SQL
Pankaj Singh
No ratings yet
Change Log in
Document10 pages
Change Log in
Christine Bacud
No ratings yet
Myadmin
Document14 pages
Myadmin
Marianinu antony
No ratings yet
Build Live Chat System With Ajax, PHP & MySQL PDF
Document19 pages
Build Live Chat System With Ajax, PHP & MySQL PDF
Szilágyi Ignác
No ratings yet
PHP 2
Document24 pages
PHP 2
Sumit Chandra
No ratings yet
Egov System Report
Document27 pages
Egov System Report
prabinkarki
No ratings yet
1.16 Lampiran Listing Program
Document33 pages
1.16 Lampiran Listing Program
Syarifah Ulza
No ratings yet
Source Code:: Admin Login Form
Document19 pages
Source Code:: Admin Login Form
Srisowmiya N
No ratings yet
Depronto Infotech
Document14 pages
Depronto Infotech
tripurasuryawanshi1
No ratings yet
2019 Kep1392 A 14201 14 0609088103 1
Document9 pages
2019 Kep1392 A 14201 14 0609088103 1
Rivan Afrizal
No ratings yet
Exercise-10 IWP
Document7 pages
Exercise-10 IWP
Kush Choudhary
No ratings yet
Using PHP and MySQL in Android To Manage Records
Document38 pages
Using PHP and MySQL in Android To Manage Records
joiannagcaoili
No ratings yet
Exercise-8 IWP 18BCE0557 Kushal: 1) DB Creation Code
Document10 pages
Exercise-8 IWP 18BCE0557 Kushal: 1) DB Creation Code
Kush Choudhary
No ratings yet
Sistem Layanan Berbasis Lokasi Pertemuan 12
Document12 pages
Sistem Layanan Berbasis Lokasi Pertemuan 12
Kayen Draw
No ratings yet
Less16 Recovery
Document22 pages
Less16 Recovery
mca_java
No ratings yet
MySql Revision Tour
Document11 pages
MySql Revision Tour
Harshit DixitNM
No ratings yet
BISP Teradata Basics
Document72 pages
BISP Teradata Basics
Vitthal Tapashi
No ratings yet
Gartner 361501-2019-Planning-Guide-For-Data-And-Analytics
Document44 pages
Gartner 361501-2019-Planning-Guide-For-Data-And-Analytics
Vladik
No ratings yet
Fixes 12
Document5 pages
Fixes 12
Violita Anggreani
No ratings yet
A Survey of Correlated High Utility Pattern Mining
Document15 pages
A Survey of Correlated High Utility Pattern Mining
Baranishankar
No ratings yet
SQL Server 2005 or Later Database Mirroring Step-By-step Guide
Document6 pages
SQL Server 2005 or Later Database Mirroring Step-By-step Guide
Tagarika Magadzire
No ratings yet
Assignment On SQL
Document6 pages
Assignment On SQL
Vasanth Kumar
No ratings yet
More Examples of Interpreting Wait Events To Boost System Performance
Document122 pages
More Examples of Interpreting Wait Events To Boost System Performance
Ragin Chittaliya
No ratings yet
Class X Imp Notes Cbse
Document131 pages
Class X Imp Notes Cbse
Ruthvik Tarang Goggi
No ratings yet
Informatica MDM
Document4 pages
Informatica MDM
Prithwiraj Mallick
0% (1)
Oracle To Sybase ASE Migration Guide
Document66 pages
Oracle To Sybase ASE Migration Guide
5744
No ratings yet
Information Backups
Document7 pages
Information Backups
Igun Zilla
No ratings yet
North Wind
Document14 pages
North Wind
urcoads
No ratings yet
5 Process Synchronizaion
Document58 pages
5 Process Synchronizaion
Lokesh Saini
No ratings yet
Mongodb On Red Hat
Document12 pages
Mongodb On Red Hat
Luis Contreras
No ratings yet
Unit 9
Document34 pages
Unit 9
Anonymous 7wk2G5BX
No ratings yet
Log
Document648 pages
Log
Dziban AliXII AN 2
No ratings yet
Fundamentals of Database System PQ1 PRELIM EXAM
Document25 pages
Fundamentals of Database System PQ1 PRELIM EXAM
Albert Swak
No ratings yet
Hive Azure
Document646 pages
Hive Azure
ahmed_sft
No ratings yet
Amir Dror: Business Analyst
Document3 pages
Amir Dror: Business Analyst
Liav Kfir
No ratings yet
Sparql 1 1 Cheat Sheet
Document18 pages
Sparql 1 1 Cheat Sheet
Gonçalo Palaio
No ratings yet
Multi Select Drop Down List Box Type Entries For Datawindows Drsbgogia
Document2 pages
Multi Select Drop Down List Box Type Entries For Datawindows Drsbgogia
levi'c
No ratings yet
Apps DBA Tasks 1
Document3 pages
Apps DBA Tasks 1
kebkg
No ratings yet
Useful Commands-Brocade
Document1 page
Useful Commands-Brocade
Mrityunjoy Kundu
No ratings yet
HCIA-Big Data
Document4 pages
HCIA-Big Data
airesgaspar5
No ratings yet
1.smart Data Access
Document30 pages
1.smart Data Access
shreyessorte3984
100% (1)
Advantage ODBC Driver DS
Document3 pages
Advantage ODBC Driver DS
Jose Joe
No ratings yet
Introduction of Business Intelligence
Document48 pages
Introduction of Business Intelligence
maryam nabilah
No ratings yet
Aggregation
Document7 pages
Aggregation
Ram Guggul
No ratings yet