【问题标题】:Is it possible to select the exact password to a username in a database?是否可以为数据库中的用户名选择确切的密码?
【发布时间】:2015-08-06 16:13:49
【问题描述】:

我创建了一个带有表 (UserPass) 的数据库,该表主要存储用户名和密码。

现在在我的表单中,我想要求用户输入他的用户名和密码,在测试时,我意识到我可以输入数据库中的任何用户名和任何密码来登录。

是否可以在 SQL 查询中选择与用户名在同一行的密码?

我尝试了类似的方法:

$username = $_POST['username'];
$sql = "SELECT Password FROM UserPass WHERE Username = $username";

但是下面的mysqli_query 失败了:

$query = mysqli_query($cxn, $sql);

所以这是整个action.php 脚本:

<?php
include "info.php";
include "god.php";
session_start();
if($_POST['god'] == $god)
{   

    header( "refresh:0;url=../web.html" );
}

else if(empty($_POST['god']))
{

}

else 
{
    echo "Can't you read: DON'T TRY!!!!!!!";
    exit();
}

$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Go");
//check username
$userI = $_POST["username"];
$userSql = "SELECT Username FROM UserPass ";
$result = mysqli_query($cxn, $userSql) or die("Query failed!");
while($line = mysqli_fetch_assoc($result))
{
    extract($line);

    foreach ($line as $key => $val)
    {
        if($_POST['username'] == $val)
        {
            //check for password 
            $username = $_POST['username'];
            $pass = $_POST['password'];
            $sql = "SELECT Password FROM UserPass";
            $passres = mysqli_query($cxn, $sql) or die("Request cannot be handled now.");
            while ($passline = mysqli_fetch_assoc($passres))
            {
                extract($passline);
                foreach ($passline as $k => $v) 
                {
                    if($_POST['password'] == $v)
                    {
                        header( "refresh:0;url=../web.html");


                    }

                    else 
                    {
                        session_destroy();
                    }

                }
            }

        }
    }
}
/*
if($userI == $line['Username'])
{
    //check for password
    $pass = $_POST['password'];
    $sql = "SELECT * FROM UserPass";
    $res = mysqli_query($cxn, $sql) or die("Pass query failed");
    $passline = mysqli_fetch_assoc($res);
    if($pass == $passline['Password'])
    {
        header( "refresh:4;url=../web.html");
        session_start();
        echo "Login succesful, session started, session id: ";
    }
}
*/


    /*
    if($_POST['username'] == $val)
    {
        //check for password
        $b = $_POST['username'];
        $pass = $_POST['password'];
        $sql = "SELECT * FROM UserPass";
        $passres = mysqli_query($cxn, $sql);
        $passline = mysqli_fetch_row($passres);
        foreach ($passline as $k => $v ) 
        {
            if($_POST['password'] == $v)
            {
                header( "refresh:0;url=../web.html");
                session_start();
            }
        }


    }
    */
    /*
    else 
    {
        print("Destroying Laptop...US Government...Destroying Laptop...\n");
        exit();
    }
    */              
?>

【问题讨论】:

  • 为什么会有人打扰登录?我会直接去web.html...
  • 你的逻辑是错误的。当您检查用户是否存在于数据库中时,您的查询应该类似于 select username from UserPass where username=$username and password=$password 。使用它,您将不会遇到您遇到的问题
  • 明文存储密码是不安全的,但在某些情况下可能没问题。但是请在人们注册时强调,您不会安全地存储他们的密码,并且他们不应该重复使用重要的密码。

标签: php mysql sql


【解决方案1】:

您只需要检查是否存在包含同一用户的用户名和密码的记录:

$password = mysqli_real_escape_string($password);
$username = mysqli_real_escape_string($username);
$sql = "SELECT Password FROM UserPass WHERE Username = '$username' AND Password = '$password'";

如果有1个这样的结果,就OK了。

顺便说一句,您不应该以纯文本形式存储密码 - 而是使用单向哈希函数并仅比较密码的哈希值。

【讨论】:

    【解决方案2】:

    您的 SQL 查询应包含一个“AND”,如下所示:

    $link = mysqli_connect("myhost","myuser","mypassw","mybd") or die("Error " . mysqli_error($link));
    
    $username = mysqli_real_escape_string($link, $_POST['username']);
    $password = mysqli_real_escape_string($link, $_POST['password']);
    
    $sql = "SELECT * FROM UserPass WHERE username = '{username }' AND password = '{$password}' LIMIT 1";
    
    $query = mysqli_query($link, $sql);
    
    if ($query && mysqli_num_rows($query)>0) {
         //user is authenticated
    }
    ?>
    

    通过使用逻辑运算符 AND,您的查询必须匹配两个条件才能给出答案。这些条件应该只有用户知道。

    另外,请不要将密码字段以明文形式存储在数据库中。这不安全。您应该使用 sha1 哈希。有关这方面的更多信息,请查看此处http://en.wikipedia.org/wiki/SHA-1

    【讨论】:

    猜你喜欢
    • 2015-10-26
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多