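<?php
// login_parse.php — AJAX endpoint for the login form (login.php POSTs e, p and t
// here; the listing's first line, the open tag, was missing). It answers with
// exactly one of:
//   "login_faileds" — CSRF token / session check failed (client shows a csrf message)
//   "login_failed"  — bad or missing credentials
//   <username>      — login succeeded; client redirects to user.php?u=<username>
session_start();

/**
 * Validate the per-form CSRF token and its age against the copy in the session.
 *
 * @param mixed $login   the $_SESSION['login'] entry: array with 'tm' (unix time the
 *                       token was issued) and 'tk' (the token); anything else = not set
 * @param mixed $posted  the posted token ($_POST['t']); anything but a string = not set
 * @param int   $now     current unix time (passed in so the window is testable)
 * @param int   $maxAge  token lifetime in seconds (login.php stops submitting at 295 s)
 * @return string "" when the token is valid, otherwise one or more '|'-terminated
 *                issue descriptions that the caller writes to the logging table
 */
function login_csrf_issues($login, $posted, $now, $maxAge = 300)
{
    if (!is_array($login) || !isset($login['tm'], $login['tk']) || !is_string($posted)) {
        return "A critical session or form token post was not set|";
    }
    // Reduce every value to its expected alphabet before comparing.
    $sTimestamp = preg_replace('#[^0-9]#', '', (string) $login['tm']);
    $sToken = preg_replace('#[^a-z0-9.-]#i', '', (string) $login['tk']);
    $fToken = preg_replace('#[^a-z0-9.-]#i', '', $posted);
    if ($sTimestamp === "" || $sToken === "" || $fToken === "") {
        return "A critical session or form token post was empty after sanitization|";
    }
    $issues = "";
    // hash_equals: constant-time, so the response time does not leak how many
    // leading bytes of the session token a guess got right.
    if (!hash_equals($sToken, $fToken)) {
        $issues .= "Form token and session token do not match|";
    }
    if ($now - (int) $sTimestamp > $maxAge) {
        $issues .= "Expired session|";
    }
    return $issues;
}

/**
 * Compare a submitted password against the stored users.password value.
 *
 * Stored values are legacy unsalted md5 digests; a password_hash() value is also
 * accepted so rows can be migrated to password_hash()/password_verify() without
 * breaking login (md5 is not an acceptable password hash — it is fast and
 * unsalted). Both paths are constant-time. The original `$p != $db_pass_str`
 * was a loose comparison, which treats two digests of the form "0e<digits>" as
 * equal numbers (the PHP "magic hash" bypass) and also leaks timing.
 *
 * @param string $password  the plaintext password as posted
 * @param string $stored    the users.password column ("" when no row was found)
 * @return bool
 */
function login_password_matches($password, $stored)
{
    if ($stored === "") {
        return false;
    }
    $info = password_get_info($stored);
    if (!empty($info['algo'])) {
        return password_verify($password, $stored);
    }
    return hash_equals($stored, md5($password));
}

// AJAX CALLS THIS LOGIN CODE TO EXECUTE
if (isset($_POST["e"])) {
    // Client address and referer, reduced to a safe alphabet for the log table.
    // [^0-9.] also strips the colons and hex letters of an IPv6 address, so what
    // is logged for IPv6 clients is not the address.
    $ip = preg_replace('#[^0-9.]#', '', (string) getenv('REMOTE_ADDR'));
    // The original class "[^a-z0-9 -._]" contained the RANGE space..period
    // (0x20-0x2E), which let ' " ( ) % etc. through into a string-built INSERT
    // (SQL injection via the Referer header). A literal dash must be last in
    // the class; the query below is parameterised as well.
    $refer = preg_replace('#[^a-z0-9 ._-]#i', '.', (string) getenv('HTTP_REFERER'));

    $csrf = login_csrf_issues(
        isset($_SESSION['login']) ? $_SESSION['login'] : null,
        isset($_POST['t']) ? $_POST['t'] : null,
        time()
    );

    // CONNECT TO THE DATABASE (provides $db_conx, a mysqli connection)
    include_once("../php_includes/db_conx.php");

    $e = is_string($_POST['e']) ? $_POST['e'] : "";
    $pRaw = (isset($_POST['p']) && is_string($_POST['p'])) ? $_POST['p'] : "";

    if ($csrf !== "") {
        // At least one CSRF/session test failed: log it, drop the form token,
        // delay this request and return the generic "login_faileds".
        // The submitted password is deliberately NOT stored: the original wrote
        // $_POST['p'] verbatim into logging.ppost, i.e. a plaintext password log.
        $pLogged = ($pRaw === "") ? "" : "[redacted]";
        $stmt = mysqli_prepare(
            $db_conx,
            "INSERT INTO logging (dt, ip, referer, issues, epost, ppost) VALUES (now(), ?, ?, ?, ?, ?)"
        );
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 'sssss', $ip, $refer, $csrf, $e, $pLogged);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        mysqli_close($db_conx);
        unset($_SESSION['login']);
        // Throttle back the attack. This only slows one request; it is not a
        // rate limit (parallel requests are unaffected) — a real limiter needs
        // per-account / per-address counters.
        sleep(3);
        echo "login_faileds";
        exit();
    }

    // FORM DATA ERROR HANDLING
    if ($e === "" || $pRaw === "") {
        echo "login_failed";
        exit();
    }

    // Look the account up by email; parameterised so the address cannot alter the query.
    $db_id = null;
    $db_username = null;
    $db_pass_str = null;
    $stmt = mysqli_prepare(
        $db_conx,
        "SELECT id, username, password FROM users WHERE email=? AND activated='1' LIMIT 1"
    );
    if ($stmt === false) {
        echo "login_failed";
        exit();
    }
    mysqli_stmt_bind_param($stmt, 's', $e);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_pass_str);
    $found = (mysqli_stmt_fetch($stmt) === true);
    mysqli_stmt_close($stmt);

    // Same generic answer for "no such active account" and "wrong password".
    if (!$found || !login_password_matches($pRaw, (string) $db_pass_str)) {
        echo "login_failed";
        exit();
    }

    // CREATE THEIR SESSIONS AND COOKIES. Get a fresh session id first so a
    // session id planted before login (session fixation) is not promoted to a
    // logged-in one; the session data carries over.
    session_regenerate_id(true);
    $_SESSION['userid'] = $db_id;
    $_SESSION['username'] = $db_username;
    $_SESSION['password'] = $db_pass_str; // presumably read by the site's login-status check (not shown)

    // 30-day "remember me" cookies. They carry the stored password hash, which
    // is a weak design (whoever reads the cookie is logged in for 30 days and
    // holds the hash), but other pages depend on these names, so only the flags
    // are tightened: HttpOnly as before, plus Secure whenever this request is HTTPS.
    $expires = strtotime('+30 days');
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie("id", $db_id, $expires, "/", "", $secure, true);
    setcookie("user", $db_username, $expires, "/", "", $secure, true);
    setcookie("pass", $db_pass_str, $expires, "/", "", $secure, true);

    // UPDATE THEIR "IP" AND "LASTLOGIN" FIELDS
    $stmt = mysqli_prepare($db_conx, "UPDATE users SET ip=?, lastlogin=now() WHERE username=? LIMIT 1");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'ss', $ip, $db_username);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    // The one-shot form token has been consumed.
    unset($_SESSION['login']);
    echo $db_username;
    exit();
}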
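<?php
// login.php — renders the login form; php_parsers/login_parse.php handles the POST.
// NOTE(review): $user_ok is not defined in this listing, and neither is a
// session_start() call; both presumably come from an include that precedes
// this block (a login-status check) — confirm.
if ($user_ok == true) {
    // Already logged in: send them to their profile. urlencode so an unusual
    // username cannot break the query string.
    header("Location: user.php?u=" . urlencode($_SESSION["username"]));
    exit();
}

/**
 * Generate a fresh per-form CSRF token.
 *
 * 32 lowercase hex characters from a CSPRNG. The original built the token from
 * uniqid() (a microsecond timestamp) shuffled with a fixed salt, which is
 * predictable rather than random. Hex stays inside the [a-z0-9.-] alphabet the
 * parser accepts, so no further filtering is needed.
 *
 * @return string
 */
function login_form_token()
{
    $bytes = function_exists('random_bytes')
        ? random_bytes(16)
        : openssl_random_pseudo_bytes(16);
    return bin2hex($bytes);
}

// Issue a new token and timestamp for this page load; an older one is simply
// overwritten (the original's unset-then-assign branch did the same, and was
// missing its closing brace).
$_SESSION['login'] = array("tm" => time(), "tk" => login_form_token());
?>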
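<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Log In</title>
<!-- Third-party scripts on a login page: add integrity="sha384-..." plus
     crossorigin="anonymous" (Subresource Integrity) so a tampered CDN copy
     cannot run here. The hashes are not filled in because they must be
     computed from the exact files served. -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
<!-- The original URL had a space in "jquery- ui.min.js", so the library never loaded. -->
<script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js"></script>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
<script>
// _(), ajaxObj() and ajaxReturn() come from js/main.js and js/ajax.js (not shown).
// Page-load time: the server rejects the form token 300 s after issuing it, so
// the client stops submitting a little earlier.
var startTime = new Date().valueOf();
function emptyElement(x){
    _(x).innerHTML = "";
}
function login(){
    // Make sure time has not expired (295 s, a few seconds under the server's
    // 300 s window, to allow for page loading time).
    var postTime = new Date().valueOf();
    var totalTime = Math.ceil((postTime - startTime)/1000);
    if(totalTime > 295){
        _("loginbtn").style.display = "none";
        _("email").style.display = "none";
        _("password").style.display = "none";
        _("status").innerHTML = '<strong style="color:#F00;">You have time out, Please refresh your browser</strong>';
        return false;
    }
    var e = _("email").value;
    var p = _("password").value;
    if(e == "" || p == ""){
        _("status").innerHTML = "Fill out all of the form data";
    } else {
        _("loginbtn").style.display = "none";
        _("status").innerHTML = 'please wait ...';
        var ajax = ajaxObj("POST", "php_parsers/login_parse.php");
        ajax.onreadystatechange = function() {
            if(ajaxReturn(ajax) == true) {
                if(ajax.responseText == "login_failed"){
                    _("status").innerHTML = "Login unsuccessful, please try again.";
                    _("loginbtn").style.display = "block";
                }else if(ajax.responseText == "login_faileds"){
                    _("status").innerHTML = "problem with csrf";
                    _("loginbtn").style.display = "block";
                }
                else {
                    // Any other response is the username; encode it for the query string.
                    window.location = "user.php?u=" + encodeURIComponent(ajax.responseText);
                }
            }
        }
        // The token is emitted as a JSON string literal (JSON_HEX_TAG escapes
        // '<' and '>'), so the script can only ever read it as data.
        var t = <?php echo json_encode($_SESSION['login']['tk'], JSON_HEX_TAG); ?>;
        // encodeURIComponent: the original concatenated the raw values, so a
        // password containing '&', '+', '%' or '#' was mangled in transit and
        // that user could never log in.
        ajax.send("e=" + encodeURIComponent(e) + "&p=" + encodeURIComponent(p) + "&t=" + encodeURIComponent(t));
    }
}
</script>
</head>
<body>
<h3>Log In Here</h3>
<!-- LOGIN FORM -->
<form role="form" id="loginform" onsubmit="return false;">
<div class="form-group">
<label for="email">Email Address:</label>
<input type="text" class="form-control" id="email" onfocus="emptyElement('status')" maxlength="88">
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" id="password" onfocus="emptyElement('status')" maxlength="100">
</div>
<button id="loginbtn" onclick="login()">Log In</button>
<p id="status"></p>
<a href="forgot.php">Forgot Your Password?</a>
</form>
<!-- LOGIN FORM -->
<!-- The three closing tags below have no opening <div> in this file; they
     presumably close wrappers emitted by an included page header — confirm. -->
</div>
</div>
</div>
</body>
</html>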