We're a community of 1076K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,075,970 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: Free Investment Planning kit
3 Months Ago
0

Why does this happen on a website, but not on localhost?

Hi guys.

I am seriously confused with this issue. I've set up some pages to ban, unban and approve a user. On localhost, it works fine. I can ban them and their record is updated to show that. I can unban them and again, it's updated. I can also approve and all is fine.

However, when I uploaded this to a website I'm having a big problem. When I try and approve a user, or unban them - it changes their banned/approved state and then logs me in as them! And when I try and ban them, it just logs me out.

Here is the code I have (I'll show you the banned pages, as they're all basically the same):

ban.php

<?php
include 'core/init.php';
protect_page();
not_admin_redirect();
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Liste - </title>
<link rel="stylesheet" type="text/css" href="css/main.css" />
</head>

<body style="background-image: url(http://i.imgur.com/Wim7Rj9.png);">

   <!-- Begin Wrapper -->
   <div id="wrapper">

         <!-- Begin Header -->
         <div id="header">

               <center><a href="liste.php"><img src="http://forum.defensedpt.com/Themes/Fresh/images/theme/logo.png"></a></center>


         </div>
         <!-- End Header -->

         <!-- Begin Left Column -->
         <div id="leftcolumn">
            <?php
                $result = mysql_query("SELECT `user_id`, `username` FROM `users` WHERE `approved`=1 AND `banned`=0 ORDER BY `username`");

                echo "<center><table>";
                    while($row = mysql_fetch_array($result)) {
                        echo "<tr><td align=center><font color=\"white\">" . htmlspecialchars($row['username']) . "</font></td><td><font color=\"white\"> | </font></td><td><a href=\"ban_user.php?user_id=" . $row['user_id'] . "\"><font color=\"white\">Ban</font></a></td>";
                    }
                    echo "</table></center>";
            ?>
            <br><center><a href="liste.php">Go back</a></center>
         </div>
         <!-- End Left Column -->

         <!-- Begin Right Column -->
         <div id="rightcolumn">

                 <center>
                    <?php 
                        include 'loggedin.php';
                        include 'habbo_image.php';
                    ?>

                    <hr>
                    <a href="logout.php"><font size="3">Logout</font></a>
                    <br />
                    <a href="changepassword.php"><font size="3">Change Password</font></a>
                    <hr>
                    <br />
                    <hr>
                    <a href="liste.php">E-3+ (OPNAV)</a>
                    <hr>
                    <a href="dd.php">Dishonorable Discharge</a>
                    <hr>
                    <a href="hd.php">Honorable Discharge</a>
                    <hr>
                    <a href="deserter.php">Deserter</a>
                    <hr>
                    <br />
                    <?php
                    if ($user_data['permissions'] == 2) {
                    echo '
                    <hr>
                    <a href="approve.php">Approve Users</a>
                    <hr>
                    <a href="ban.php">Ban Users</a>
                    <hr>
                    <a href="unban.php">Unban Users</a>
                    <hr>';
                    } else {
                    echo ''; }?>
                    </center>
         </div>
         <!-- End Right Column -->

         <!-- Begin Footer -->
         <div id="footer">

               <center>DefenseDpt.com &copy All rights reserved</center>  

         </div>
         <!-- End Footer -->

   </div>
   <!-- End Wrapper -->

</body>
</html>

ban_user.php

<?php
include 'core/init.php';
protect_page();
not_admin_redirect();
$user_id = $_GET['user_id']; 
mysql_query("UPDATE `users` SET `banned`= 1 WHERE `user_id` = $user_id");  
header('Location: liste.php'); 
?>

Thanks guys. If you need me to explain what a function is or does, or anything like that, please ask. I wasn't really sure what you guys needed, short of providing all 41 of my files.

Oh - and when someone logs in a $_SESSION is set with their user id, and when someone logs out that $_SESSION is destroyed.

Thanks guys!

4
Contributors
6
Replies
3 Hours
Discussion Span
3 Months Ago
Last Updated
8
Views
Noth
Newbie Poster
7 posts since Nov 2012
Reputation Points: 0
Solved Threads: 0
Skill Endorsements: 0
3 Months Ago
0

OK, coupla things:

1) Try to separate the HTML and the PHP - this is a bit of a headache to try and sift through.
2) WRT HTML - you're using deprecated tags à la 1990s.

I can't really see any problem here other than have you got a session_start in every page (is it in init.php?).

diafol
Keep Smiling
Moderator
10,647 posts since Oct 2006
Reputation Points: 1,628
Solved Threads: 1,510
Skill Endorsements: 57
3 Months Ago
0

Yeah, session_start() is in init.php

Noth
Newbie Poster
7 posts since Nov 2012
Reputation Points: 0
Solved Threads: 0
Skill Endorsements: 0
3 Months Ago
0

Not this this will fix your issue, but you should definately consider using a document type declaration just above the <html> opening tag. Without it, you are surely going to run into quirky issues since IE will go into quirks mode without a proper doctype.

Just start getting use to HTML5... it will require you to stop using some of the deprecated tags you have listed above, but it doesnt require you to use HTML5 elements.

<!DOCTYPE html>
<html>
...

sorry for a response that isnt related to the question, but again...you will come accross cross-browser compatibility issues eventually if you havent already.

JorgeM
Industrious Poster
4,017 posts since Dec 2011
Reputation Points: 294
Solved Threads: 546
Skill Endorsements: 115
3 Months Ago
0

I uploaded it all to a different host and it works fine. Does anyone know what could be preventing this at HostGator?

Noth
Newbie Poster
7 posts since Nov 2012
Reputation Points: 0
Solved Threads: 0
Skill Endorsements: 0
3 Months Ago
0

Does anyone know what could be preventing this at HostGator?

Beats me.

diafol
Keep Smiling
Moderator
10,647 posts since Oct 2006
Reputation Points: 1,628
Solved Threads: 1,510
Skill Endorsements: 57
3 Months Ago
0

I understand this post is solved with the new host, but there are some security concerns with your code that you should take care of.

<?php
include 'core/init.php';
protect_page();
not_admin_redirect();
$user_id = $_GET['user_id']; 
mysql_query("UPDATE `users` SET `banned`= 1 WHERE `user_id` = $user_id");  
header('Location: liste.php'); 
?>

The mysql query has the parameter $user_id which is not 'sanitized' before adding to the query.

Whenever you make an sql query, make sure you validate the datatype. The $user_id is probably an interger so you need to use $user_id = intval($_GET['user_id']);

If your variable is a string, then make sure you use mysql_real_escape_string($_GET['user_id']);

As your code is now, someone could do:

ban_user.php?user_id=(some sub sql query here)

That would execute another sql query of choice of the attacker.

The code also has a CSRF vulnerability.
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)

digital-ether
Nearly a Posting Virtuoso
Team Colleague
1,295 posts since Sep 2005
Reputation Points: 461
Solved Threads: 101
Skill Endorsements: 9

This article has been dead for over three months: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > PHP
 
© 2013 DaniWeb® LLC
Page rendered in 0.1314 seconds using 2.74MB