0

WARNING
huge php script, watch your head
/WARNING :D

OK, I want to start by saying that this is part of a free script I'm making and therefore may be used by anyone. The script is available at:


http://pctipforum.com/index.php?topic=345.0

Next, I want to say that this is a login script for the admin panel of the above utility; the utility is a PHP-based guestbook.

This admin panel, for now, offers the person who uses it the ability to delete an entry from the guestbook; at the time it does not work.

I think there is a piece missing where it's marked; you'll see it toward the end, like this:

//---------------------------------
//<--- SOMETHING GOES HERE --->
//---------------------------------

Some part of the script is not escaped with a } and so it's missing a piece. The script WAS functional when it had multiple pages, i.e. this page linked to another page to parse the form..

But after I got about 30 pages in this simple-to-use guestbook, it became too complicated, so I put them into one page, and now I can't figure out what I'm missing ><

please help

<?PHP
//turn off error reporting...
error_reporting(0);

//Include the file with the password
include ("Config.php");

//Convert the username and password into usable strings
$user = $_POST['user'];
$pass = $_POST['pass'];

//We need to disable the first parse of this script, which is when the person first come to the page...
if($user=="")

{
	echo '
	<center>
	<table border="0">
	<form method="POST" action="A_login.php">
	<tr><td>
	Admin Username:
	<td>
	<input type="text" name="user">
	<tr><td>
	Admin Password:
	<td>
	<input type="password" name="pass">
	<tr><td>
	Submit:
	<td>
	<input type="submit" value="Submit">
	</form>
	</table>
	</center>
	<center>
 	This will display the FULL guestbook, it gets quite long....
 	</center>
	';

 	die(''); 
}

if($Delete=="")


{
	//Check username and password
	if (($user=="$Ad_Username") && ($pass=="$Ad_Password"))
	{
		//if its right, we can go ahead and display the info

		echo '
		<br><br>
		<center>
		<h2>THIS WILL DELETE WHATEVER NUMBER YOU INPUT!</h2>
		</center>
		<br>
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" value="$user" name="user">
		<input type="hidden" value="$pass" name="pass">
		<tr><td>
		DELETE NUMBER:
		<td>
		<input type="text" name="Delete">
		<tr><td>
		Submit:
		<td>
		<input type="submit" value="Submit">
		</form>
		</table>
		</center>
		';

		//Admin Guestbook, for use in the panel ONLY
		echo '<br><br><br>';
		echo '<center>';
		//This includes the Configuration file that should be in the same folder as this guestbook Script
		include ("Config.php");


		//This is where the Script connects to your database
		$con = mysql_connect("$Hostname","$Username","$Password");
		if (!$con)
		{
			die('Could not connect: ' . mysql_error());
		}

		//Selects the database in config.php
		mysql_select_db("$Database", $con);

		//Selects the info from the guestbook table and sets it as a variable
		$result = mysql_query("SELECT * FROM $Table ORDER BY Number DESC");

		//This portion configures the table which will display the guestbook
		echo "<font color=$HeaderColor size=\"2\">FOR USE IN THE ADMIN PANEL ONLY</font>";
		echo '<br><br>';
		echo "<table width=\"80%\" Border=\"$TableBord\">";
		echo "<tr><td><font color=$HeaderColor>Number<td><font color=$HeaderColor>Smiley<td><font color=$HeaderColor>Name<td><font color=$HeaderColor>Date<td><font color=$HeaderColor>Comment<td><font color=$HeaderColor>Email<td><font color=$HeaderColor>IP";

		//This is an array, it takes each entry into the guestbook and puts it on a line
		while($row = mysql_fetch_array($result))
		{
			Echo "<tr>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Number'];
			Echo "<td><img src=Smiley/";
			Echo $row['Smiley'];
			Echo ".gif>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Name'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Date'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Comment'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Email'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['IP'];
		}
		Echo "</font>";

		//Disconnect from the database
		mysql_close($con);

		//End Admin Guestbook viewer
		echo '</center>';
		 die(''); 
	}

	else

	{ 
		die('Wrong username and or password!');
	}

//---------------------------------
//<--- SOMETHING GOES HERE --->
//---------------------------------

else 

{ 
	//This includes the Configuration file that should be in the same folder as this Script
	include ("Config.php");
	echo "
	<a href=$LINK>Return</a>
	<br><br><br><br>
	";

	//This is where the Script connects to your database
	$con = mysql_connect("$Hostname","$Username","$Password");
	if (!$con)
	{
		die('Could not connect: ' . mysql_error());
	}

	//Selects the database in config.php
	mysql_select_db("$Database", $con);

	$sql="DELETE FROM $Table WHERE Number='$_POST[Delete]'";

	if (!mysql_query($sql,$con))
	{
		die('Error: ' . mysql_error());
	}
	echo "record deleted";
}

?>

P.S. Yes, I know it's messy; yes, I know I have a LOT of HTML being parsed by PHP. I will clean it up later; right now it's like that for simplicity's sake....

thanks in advance!

0

OK, I found the problem, it was just a missing }

I tried that once, but it kept redirecting me to the same page I was on, so I thought something else should go there...

The place I messed up is in the hidden inputs under one of the forms; the form assumes a variable that cannot be used...

Here is the fixed and 100% working script:

<?PHP
//turn off error reporting...
error_reporting(0);

//Include the file with the password
include ("Config.php");

//Convert the username and password into usable strings
$user = $_POST['user'];
$pass = $_POST['pass'];
$Delete = $_POST['Delete'];

//We need to disable the first parse of this script, which is when the person first come to the page...
if($user=="")

{
	echo '
	<center>
	<table border="0">
	<form method="POST" action="A_login.php">
	<tr><td>
	Admin Username:
	<td>
	<input type="text" name="user">
	<tr><td>
	Admin Password:
	<td>
	<input type="password" name="pass">
	<tr><td>
	Submit:
	<td>
	<input type="submit" value="Submit">
	</form>
	</table>
	</center>
	<center>
 	This will display the FULL guestbook, it gets quite long....
 	</center>
	';

 	die(''); 
}

if($Delete=="")


{
	//Check username and password
	if (($user=="$Ad_Username") && ($pass=="$Ad_Password"))
	{
		//if its right, we can go ahead and display the info

		echo '
		<center>
		<h2>THIS WILL DELETE WHATEVER NUMBER YOU INPUT!</h2>
		</center>
		<br>
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" name="user" value="';

		echo $user;

		echo '">';

		echo '<input type="hidden" name="pass" value="';

		echo $pass;

		echo '">
		<tr><td>
		DELETE NUMBER:
		<td>
		<input type="text" name="Delete">
		<tr><td>
		Submit:
		<td>
		<input type="submit" value="Submit">
		</form>
		</table>
		</center>
		';

		//Admin Guestbook, for use in the panel ONLY
		echo '<br><br><br>';
		echo '<center>';
		//This includes the Configuration file that should be in the same folder as this guestbook Script
		include ("Config.php");


		//This is where the Script connects to your database
		$con = mysql_connect("$Hostname","$Username","$Password");
		if (!$con)
		{
			die('Could not connect: ' . mysql_error());
		}

		//Selects the database in config.php
		mysql_select_db("$Database", $con);

		//Selects the info from the guestbook table and sets it as a variable
		$result = mysql_query("SELECT * FROM $Table ORDER BY Number DESC");

		//This portion configures the table which will display the guestbook
		echo "<font color=$HeaderColor size=\"2\">FOR USE IN THE ADMIN PANEL ONLY</font>";
		echo '<br><br>';
		echo "<table width=\"80%\" Border=\"$TableBord\">";
		echo "<tr><td><font color=$HeaderColor>Number<td><font color=$HeaderColor>Smiley<td><font color=$HeaderColor>Name<td><font color=$HeaderColor>Date<td><font color=$HeaderColor>Comment<td><font color=$HeaderColor>Email<td><font color=$HeaderColor>IP";

		//This is an array, it takes each entry into the guestbook and puts it on a line
		while($row = mysql_fetch_array($result))
		{
			Echo "<tr>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Number'];
			Echo "<td><img src=Smiley/";
			Echo $row['Smiley'];
			Echo ".gif>";
			Echo "<td><font color=$EntryColor>";
			Echo $row['Name'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Date'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Comment'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['Email'];
			Echo "<td><font color=$EntryColor>";
			Echo $row['IP'];
		}
		Echo "</font>";

		//Disconnect from the database
		mysql_close($con);

		//End Admin Guestbook viewer
		echo '</center>';
		die(''); 
	}

	else

	{ 
		die('Wrong username and or password!');
	}
}

else

{ 
	//This includes the Configuration file that should be in the same folder as this Script
	include ("Config.php");

		echo '
		<center>
		<table border="0">
		<form method="POST" action="A_login.php">
		<input type="hidden" name="user" value="';
		echo $user;
		echo '">';
		echo '<input type="hidden" name="pass" value="';
		echo $pass;
		echo '">
		<tr><td>
		<tr><td>
		<input type="submit" value="Return to admin page">
		</form>
		</table>
		</center>
		<br>
		<center>
		';



	//This is where the Script connects to your database
	$con = mysql_connect("$Hostname","$Username","$Password");
	if (!$con)
	{
		die('Could not connect: ' . mysql_error());
	}

	//Selects the database in config.php
	mysql_select_db("$Database", $con);

	$sql="DELETE FROM $Table WHERE Number='$_POST[Delete]'";

	if (!mysql_query($sql,$con))
	{
		die('Error: ' . mysql_error());
	}
	echo "record deleted, or did not exist, either way its no longer in the database...";
}
echo '</center>';

?>

Have fun, and check out pctipforum.com

0

First of all, there are some problems you need to address before anyone even thinks about downloading/using this. You have a username and password stored in plain text on the server. Not good! A database should be used to store them. The password should be hashed as well. You also have POST data going directly into queries. This is a huge SQL injection hole. Also, I couldn't find much valid XHTML or even HTML.

Security is a must in today's world. That will be hacked quickly.

Also, I looked at your demo. There is no spam prevention. You might want to fix that before someone starts spamming you.
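The two fixes named in the reply above (a hashed admin password and no POST data inside the SQL text), as an added example that is not part of the original thread or the guestbook project. It assumes PDO with an in-memory SQLite database so it runs offline; the `admins` table, the sample rows and the function names are constructed for illustration, and the same prepared statements work over a MySQL DSN.

```php
<?php
// Added example, not the thread's code. Column name "Number" follows the posted
// script; the admins table, sample rows and credentials are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE guestbook (Number INTEGER PRIMARY KEY, Name TEXT)');
$db->exec('CREATE TABLE admins (username TEXT PRIMARY KEY, pass_hash TEXT)');
$db->exec("INSERT INTO guestbook (Number, Name) VALUES (1, 'alice'), (2, 'bob')");

// Store only a salted hash of the password, never the password itself.
$ins = $db->prepare('INSERT INTO admins (username, pass_hash) VALUES (?, ?)');
$ins->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);

function checkLogin(PDO $db, string $user, string $pass): bool
{
    $st = $db->prepare('SELECT pass_hash FROM admins WHERE username = ?');
    $st->execute([$user]);
    $hash = $st->fetchColumn();   // false when the username does not exist
    // password_verify() re-derives the hash using the salt embedded in $hash.
    return is_string($hash) && password_verify($pass, $hash);
}

function deleteEntry(PDO $db, string $rawNumber): int
{
    // Reject anything that is not a positive integer before touching the database.
    $number = filter_var($rawNumber, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($number === false) {
        return 0;
    }
    // The value is bound as a parameter, so it can never alter the SQL text.
    $st = $db->prepare('DELETE FROM guestbook WHERE Number = ?');
    $st->execute([$number]);
    return $st->rowCount();       // number of rows actually deleted
}

// Constructed inputs: a good login, a bad login, a valid delete, and a
// non-numeric "Delete" value of the kind the posted query would have embedded.
var_dump(checkLogin($db, 'admin', 'constructed-sample-pw'));
var_dump(checkLogin($db, 'admin', 'wrong'));
var_dump(deleteEntry($db, '2'));
var_dump(deleteEntry($db, "1' OR '1'='1"));
var_dump((int) $db->query('SELECT COUNT(*) FROM guestbook')->fetchColumn());
```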

0

Also, by compiling it into one script, the file size is huge and it will take PHP a much longer time to parse the whole file.

0

I know.

This was my first script; as such I was working piece by piece. The entire script is now split into a couple of different files, and the database houses a few different hashed passwords.

This was a learning experience for me :P

Also, on the spamming part of things, that was added later, and I thank you for pointing it out anyway :D

0

Yeah, some major holes in that :/
I wouldn't recommend anyone using it, for security issues, until you've fixed it up. Look up CSRF as well; I've made it a mission to get more people protecting their forms against it. Also, there is (as pointed out above) a huge SQL injection possible.
Hope this helps
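CSRF protection for the delete form discussed in this thread, as an added example that is not part of the original posts or the guestbook project. The function names, the `csrf` field and the `admin` session flag are hypothetical; the session is passed in as a plain array so the block runs from the CLI, where a real page would use `$_SESSION` after `session_start()`.

```php
<?php
// Added example, not the thread's code. Names (csrfToken, csrfValid, deleteForm,
// handleDelete, the "csrf" field, the "admin" flag) are hypothetical.
function csrfToken(array &$session): string
{
    // One unpredictable token per session, created on first use.
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

function csrfValid(array $session, array $post): bool
{
    // hash_equals() compares in constant time; a missing field fails closed.
    return isset($session['csrf'], $post['csrf'])
        && is_string($post['csrf'])
        && hash_equals($session['csrf'], $post['csrf']);
}

function deleteForm(array &$session): string
{
    $t = htmlspecialchars(csrfToken($session), ENT_QUOTES, 'UTF-8');
    return '<form method="POST" action="A_login.php">'
         . '<input type="hidden" name="csrf" value="' . $t . '">'
         . '<input type="text" name="Delete">'
         . '<input type="submit" value="Submit"></form>';
}

function handleDelete(array $session, array $post): string
{
    if (empty($session['admin'])) {
        return 'not logged in';
    }
    if (!csrfValid($session, $post)) {
        return 'rejected: bad CSRF token';
    }
    return 'would delete entry ' . (int) ($post['Delete'] ?? 0);
}

// Constructed requests. The login handler sets the flag once, so the form
// no longer needs hidden user/pass fields to stay authenticated.
$session = ['admin' => true];
$form = deleteForm($session);                                     // embeds the token
echo handleDelete($session, ['Delete' => '3', 'csrf' => $session['csrf']]), "\n";
echo handleDelete($session, ['Delete' => '3']), "\n";             // token absent
echo handleDelete($session, ['Delete' => '3', 'csrf' => 'guess']), "\n";
```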
