WARNING
huge php script, watch your head
/WARNING :D

Ok, I want to start by saying that this is part of a free script I'm making and therefore may be used by anyone. The script is available at:


http://pctipforum.com/index.php?topic=345.0

Next, I want to say that this is a login script for the admin panel of the above utility. The utility is a PHP-based guestbook.

This admin panel, for now, offers the person who uses it the ability to delete an entry from the guestbook. At this time it does not work.

I think there is a piece missing where it's marked. You'll see it toward the end, like this:

//---------------------------------
//<--- SOMETHING GOES HERE --->
//---------------------------------

Some part of the script is not escaped with a } and so it's missing a piece. The script WAS functional when it had multiple pages, i.e. this page linked to another page to parse the form..

But after I got about 30 pages in this simple-to-use guestbook, it became too complicated, so I put them into one page, and now I can't figure out what I'm missing ><

please help

<?PHP
//turn off error reporting...
error_reporting(0);

//Include the file with the password
include ("Config.php");

//Convert the username and password into usable strings
$user = $_POST['user'];
$pass = $_POST['pass'];

//We need to disable the first parse of this script, which is when the person first come to the page...
if($user=="")

{
	echo '
	<center>
	<table border="0">
	<form method="POST" action="A_login.php">
	<tr><td>
	Admin Username:
	<td>
	<input type="text" name="user">
	<tr><td>
	Admin Password:
	<td>
	<input type="password" name="pass">
	<tr><td>
	Submit:
	<td>
	<input type="submit" value="Submit">
	</form>
	</table>
	</center>
	<center>
 	This will display the FULL guestbook, it gets quite long....
 	</center>
	';

 	die(''); 
}

if($Delete=="")


{
	//Check username and password
	if (($user=="$Ad_Username") && ($pass=="$Ad_Password"))
	{
		//if its right, we can go ahead and display the info

		echo '
		<br><br>
		<center>
		<h2>THIS WILL DELETE WHATEVER NUMBER YOU INPUT!</h2>
		</center>
		<br>
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" value="$user" name="user">
		<input type="hidden" value="$pass" name="pass">
		<tr><td>
		DELETE NUMBER:
		<td>
		<input type="text" name="Delete">
		<tr><td>
		Submit:
		<td>
		<input type="submit" value="Submit">
		</form>
		</table>
		</center>
		';

		//Admin Guestbook, for use in the panel ONLY
		echo '<br><br><br>';
		echo '<center>';
		//This includes the Configuration file that should be in the same folder as this guestbook Script
		include ("Config.php");


		//This is where the Script connects to your database
		$con = mysql_connect("$Hostname","$Username","$Password");
		if (!$con)
		{
			die('Could not connect: ' . mysql_error());
		}

		//Selects the database in config.php
		mysql_select_db("$Database", $con);

		//Selects the info from the guestbook table and sets it as a variable
		$result = mysql_query("SELECT * FROM $Table ORDER BY Number DESC");

		//This portion configures the table which will display the guestbook
		echo "<font color=$HeaderColor size=\"2\">FOR USE IN THE ADMIN PANEL ONLY</font>";
		echo '<br><br>';
		echo "<table width=\"80%\" Border=\"$TableBord\">";
		echo "<tr><td><font color=$HeaderColor>Number<td><font color=$HeaderColor>Smiley<td><font color=$HeaderColor>Name<td><font color=$HeaderColor>Date<td><font color=$HeaderColor>Comment<td><font color=$HeaderColor>Email<td><font color=$HeaderColor>IP";

		//This is an array, it takes each entry into the guestbook and puts it on a line
		while($row = mysql_fetch_array($result))
		{
			Echo "<tr>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Number'];
			Echo "<td><img src=Smiley/";
			Echo $row['Smiley'];
			Echo ".gif>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Name'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Date'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Comment'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Email'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['IP'];
		}
		Echo "</font>";

		//Disconnect from the database
		mysql_close($con);

		//End Admin Guestbook viewer
		echo '</center>';
		 die(''); 
	}

	else

	{ 
		die('Wrong username and or password!');
	}

//---------------------------------
//<--- SOMETHING GOES HERE --->
//---------------------------------

else 

{ 
	//This includes the Configuration file that should be in the same folder as this Script
	include ("Config.php");
	echo "
	<a href=$LINK>Return</a>
	<br><br><br><br>
	";

	//This is where the Script connects to your database
	$con = mysql_connect("$Hostname","$Username","$Password");
	if (!$con)
	{
		die('Could not connect: ' . mysql_error());
	}

	//Selects the database in config.php
	mysql_select_db("$Database", $con);

	$sql="DELETE FROM $Table WHERE Number='$_POST[Delete]'";

	if (!mysql_query($sql,$con))
	{
		die('Error: ' . mysql_error());
	}
	echo "record deleted";
}

?>

P.S. Yes, I know it's messy; yes, I know I have a LOT of HTML being parsed by PHP. I will clean it up later, right now it's like that for simplicity's sake....

thanks in advance!

Ok, I found the problem, it was just a missing }

I tried that once, but it kept redirecting me to the same page I was on, so I thought something else should go there...

The place I messed up is in the hidden inputs under one of the forms; the form assumes a variable that cannot be used...

here is the fixed and 100% working script:

<?PHP
//turn off error reporting...
error_reporting(0);

//Include the file with the password
include ("Config.php");

//Convert the username and password into usable strings
$user = $_POST['user'];
$pass = $_POST['pass'];
$Delete = $_POST['Delete'];

//We need to disable the first parse of this script, which is when the person first come to the page...
if($user=="")

{
	echo '
	<center>
	<table border="0">
	<form method="POST" action="A_login.php">
	<tr><td>
	Admin Username:
	<td>
	<input type="text" name="user">
	<tr><td>
	Admin Password:
	<td>
	<input type="password" name="pass">
	<tr><td>
	Submit:
	<td>
	<input type="submit" value="Submit">
	</form>
	</table>
	</center>
	<center>
 	This will display the FULL guestbook, it gets quite long....
 	</center>
	';

 	die(''); 
}

if($Delete=="")


{
	//Check username and password
	if (($user=="$Ad_Username") && ($pass=="$Ad_Password"))
	{
		//if its right, we can go ahead and display the info

		echo '
		<center>
		<h2>THIS WILL DELETE WHATEVER NUMBER YOU INPUT!</h2>
		</center>
		<br>
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" name="user" value="';

		echo $user;

		echo '">';

		echo '<input type="hidden" name="pass" value="';

		echo $pass;

		echo '">
		<tr><td>
		DELETE NUMBER:
		<td>
		<input type="text" name="Delete">
		<tr><td>
		Submit:
		<td>
		<input type="submit" value="Submit">
		</form>
		</table>
		</center>
		';

		//Admin Guestbook, for use in the panel ONLY
		echo '<br><br><br>';
		echo '<center>';
		//This includes the Configuration file that should be in the same folder as this guestbook Script
		include ("Config.php");


		//This is where the Script connects to your database
		$con = mysql_connect("$Hostname","$Username","$Password");
		if (!$con)
		{
			die('Could not connect: ' . mysql_error());
		}

		//Selects the database in config.php
		mysql_select_db("$Database", $con);

		//Selects the info from the guestbook table and sets it as a variable
		$result = mysql_query("SELECT * FROM $Table ORDER BY Number DESC");

		//This portion configures the table which will display the guestbook
		echo "<font color=$HeaderColor size=\"2\">FOR USE IN THE ADMIN PANEL ONLY</font>";
		echo '<br><br>';
		echo "<table width=\"80%\" Border=\"$TableBord\">";
		echo "<tr><td><font color=$HeaderColor>Number<td><font color=$HeaderColor>Smiley<td><font color=$HeaderColor>Name<td><font color=$HeaderColor>Date<td><font color=$HeaderColor>Comment<td><font color=$HeaderColor>Email<td><font color=$HeaderColor>IP";

		//This is an array, it takes each entry into the guestbook and puts it on a line
		while($row = mysql_fetch_array($result))
		{
			Echo "<tr>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Number'];
			Echo "<td><img src=Smiley/";
			Echo $row['Smiley'];
			Echo ".gif>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Name'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Date'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Comment'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Email'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['IP'];
		}
		Echo "</font>";

		//Disconnect from the database
		mysql_close($con);

		//End Admin Guestbook viewer
		echo '</center>';
		die(''); 
	}

	else

	{ 
		die('Wrong username and or password!');
	}
}

else

{ 
	//This includes the Configuration file that should be in the same folder as this Script
	include ("Config.php");

		echo '
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" name="user" value="';
		echo $user;
		echo '">';
		echo '<input type="hidden" name="pass" value="';
		echo $pass;
		echo '">
		<tr><td>
		<tr><td>
		<input type="submit" value="Return to admin page">
		</form>
		</table>
		</center>
		<br>
		<center>
		';



	//This is where the Script connects to your database
	$con = mysql_connect("$Hostname","$Username","$Password");
	if (!$con)
	{
		die('Could not connect: ' . mysql_error());
	}

	//Selects the database in config.php
	mysql_select_db("$Database", $con);

	$sql="DELETE FROM $Table WHERE Number='$_POST[Delete]'";

	if (!mysql_query($sql,$con))
	{
		die('Error: ' . mysql_error());
	}
	echo "record deleted, or did not exist, either way its no longer in the database...";
}
echo '</center>';

?>

Have fun, and check out pctipforum.com

First of all, there are some problems you need to address before anyone even thinks about downloading/using this. You have a username and password stored in plain text on the server. Not good! A database should be used to store them. The password should be hashed as well. You also have POST data going directly into queries. This is a huge SQL injection hole. Also, I couldn't find much valid XHTML or even HTML.

Security is a must in today's world. That will be hacked quickly.

Also, I looked at your demo. There is no spam prevention. You might want to fix that before someone starts spamming you.

Also, by compiling it into one script, the file size is huge and it will take PHP a much longer time to parse the whole file.

I know.

This was my first script, so I was working piece by piece. The entire script is now split into a couple of different files, and the database houses a few different hashed passwords.

This was a learning experience for me :P

Also, on the spamming part of things, that was added later, and I thank you for pointing it out anyway :D

Yeh, some major holes in that :/
I wouldn't recommend anyone using it for security issues until you've fixed it up. Look up CSRF as well, I've made it a mission to get more people protecting their forms against it. Also there is (as pointed out above) a huge SQL injection possible.
Hope this helps
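
The holes raised in the replies above (plain-text admin password, POST data going straight into the DELETE query, no CSRF protection) closed in one delete handler, as an added example that is not part of the thread or of the guestbook project. The table name `guestbook`, the sample password, the function names and the in-memory SQLite database (standing in for MySQL so the example runs offline) are assumptions.

```php
<?php
declare(strict_types=1);
// Constructed sample data; in-memory SQLite stands in for the guestbook's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE guestbook (Number INTEGER PRIMARY KEY, Name TEXT, Comment TEXT)');
$db->exec("INSERT INTO guestbook (Name, Comment) VALUES ('alice','hi'), ('bob','hello'), ('carol','hey')");

// Only a hash of the admin password is stored (the password itself is a constructed sample).
$adminHash = password_hash('example-admin-pass', PASSWORD_DEFAULT);

function login(array &$session, string $pass, string $hash): bool
{
    if (!password_verify($pass, $hash)) {
        return false;
    }
    $session['admin'] = true;
    // Per-session CSRF token, to be embedded as a hidden field in the delete form.
    $session['csrf'] = bin2hex(random_bytes(32));
    return true;
}

function deleteEntry(PDO $db, array $session, array $post): string
{
    if (empty($session['admin'])) {
        return 'denied: not logged in';
    }
    // Reject requests that do not carry the token issued to this session.
    if (!isset($post['csrf']) || !is_string($post['csrf']) || !hash_equals($session['csrf'], $post['csrf'])) {
        return 'denied: bad CSRF token';
    }
    // The entry number must be a positive integer; anything else never reaches the database.
    $number = filter_var($post['Delete'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($number === false) {
        return 'denied: invalid entry number';
    }
    // The placeholder keeps the submitted value out of the SQL text.
    $stmt = $db->prepare('DELETE FROM guestbook WHERE Number = :n');
    $stmt->execute([':n' => $number]);
    return $stmt->rowCount() . ' row(s) deleted';
}

$session = []; // stands in for $_SESSION after session_start()
login($session, 'example-admin-pass', $adminHash);

// Constructed requests: a non-numeric Delete value, a wrong token, then a valid request.
echo deleteEntry($db, $session, ['Delete' => "1' OR '1'='1", 'csrf' => $session['csrf']]), "\n";
echo deleteEntry($db, $session, ['Delete' => '2', 'csrf' => 'forged']), "\n";
echo deleteEntry($db, $session, ['Delete' => '2', 'csrf' => $session['csrf']]), "\n";
echo $db->query('SELECT COUNT(*) FROM guestbook')->fetchColumn(), " rows remain\n";
```

In the real script `$session` would be `$_SESSION`, and the token would be written into the delete form as a hidden field in place of the hidden `user` and `pass` fields, so the credentials are never sent back to the browser.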
