RE: phpbb / sessionid nightmare

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Oops!

Maybe not.

You were right!
SFC = stupid flippn' coder = me!

I see where you are going with this!

if(isset($_SESSION['userid']) && $_SESSION['userid']!="")

Not set!

Duhhh!

The 
if(isset($_SESSION['userid']) && $_SESSION['userid']!="")

Was a silly attempt of mine earlier to force a session.

Gone now,

Let me follow your lead on your suggestions though for a few.

I know just enough about php to be dangerous!

I will definitely keep in mind the mysql inject problem.

This could be an issue, but for now, just trying to get it to work!

Thanks,
Brad




-----Original Message-----
From: Richard Lynch [mailto:ceo@xxxxxxxxx] 
Sent: Saturday, April 28, 2007 3:43 PM
To: Brad Sumrall
Cc: php-general@xxxxxxxxxxxxx
Subject: Re:  phpbb / sessionid nightmare

On Sat, April 28, 2007 11:03 am, Brad Sumrall wrote:
> Users log into web site in a sudo phpbb login which works fine.
>
> Users are able to browse around phpbb and a sudo phpbb program called
> photopost.
>
>
>
> But when the goto a differen't part of the site which is not phpbb
> related,
> the sessionid does not carry over.
>
>
>
> The other pages are calling on the same isset variable???
>
> This is blowing my mind for weeks now!!!
>
> Would some kind code help a frazzed brother out?

Check the parameters for the cookie.

If they limit the cookie to, say:
http://example.com/phpbb/
instead of the whole site:
http://example.com/
then your cookie isn't there, and the session will get lost with it.

Probably a set_cookie_params() call somewhere in your phpbb mess.

if(isset($_SESSION['userid']) && $_SESSION['userid']!="")
What is this?

Is the whole rest of the site passing around a ?forum=1 parameter in
all its URLs?

Probably not.

Only phpbb is doing that.

So then you never even GET to the $_SESSION check.

>
> {
>
>       if(!isset($_SESSION["userid"]))
>
>       {


>       <?php if(!isset($_SESSION['userid']) && $_SESSION['userid'] ==
> "")

This is daft.

!isset($x) && $x == ""

If $x isn't even set, then why test it for being == to the empty string?

>                     <?php if($_POST['hiddensubmit']){

And here you're not using isset(), so are generating E_NOTICE
messages, most likely.

>             $get_count5 = mysql_query("SELECT * FROM `contest_stories`
> WHERE
> contest_id = '".$_POST['cid']."' AND year='2007'  AND username
> ='".$_SESSION["userid"]."'");

Splicing POST data directly into a query is a giant security SQL
Injection attack hole.

Stop coding NOW and start reading and re-reading here until you
understand why:
http://phpsec.org

Unless you WANT your entire database wiped out or even stolen by a
meanie.

> echo "<font color=\"red\">You can only submit 3 stories per
> contest.</a><br>";

And you might as well not bother to have a contest, as the meanie can
rig it to win using the SQL injection above...



Sorry to be the bearer of Bad News...

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux