Larry Ullman's Book Forums


Going through and making sure everything is secure, I think I found a flaw.


There is no need for:

if ($_SERVER['REQUEST_METHOD'] == 'POST') 

for it's redundant and poses a security issue - never trust $_SERVER


All you have to do is this:

// Validate the form data:
if ($form->validate()) {

    // Check against the database:
    $query = 'SELECT id, userType, username, email, pass FROM users WHERE username=:username';
    $stmt = $pdo->prepare($query);
    $result = $stmt->execute(array(':username' => $username->getValue()));

    // Try to fetch the results ($user stays false if no row matched):
    $user = false;
    if ($result) {
        $stmt->setFetchMode(PDO::FETCH_CLASS, 'Member');
        $user = $stmt->fetch();
    }

    // Verify the stored hashed password, but only when a user was found
    // (otherwise $user is false and $user->pass would be undefined):
    $result = ($user !== false) && password_verify($password->getValue(), $user->pass);

    // Store the user in the session and redirect:
    if ($result) {

        // Store in a session:
        $_SESSION['user'] = $user;

        // Redirect:
        header("Location: index.php");
        exit;

    }

} // End of form validation IF.

I have been testing this thoroughly and it works ;)
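A self-contained version of this login flow, added here as an example (it is not the poster's or the book's code). It also covers the case where no row matches the username, and assumes a simple Member class plus an in-memory SQLite table with one constructed user so it runs offline; $dummyHash and authenticate() are names introduced for this example.

```php
<?php
// Added example: assumes a Member class whose public properties match the
// SELECT columns, and builds an in-memory SQLite database so it runs offline.
class Member {
    public $id;
    public $userType;
    public $username;
    public $email;
    public $pass;
}

// Constructed sample data: one user whose password is "correct horse".
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, userType TEXT, '
         . 'username TEXT UNIQUE, email TEXT, pass TEXT)');
$ins = $pdo->prepare('INSERT INTO users (userType, username, email, pass) VALUES (?, ?, ?, ?)');
$ins->execute(['member', 'alice', 'alice@example.com', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Hash of a throwaway password: when the username does not exist we still run
// password_verify against this, so the unknown-user path takes about as long
// as the known-user path (limits username enumeration by response time).
$dummyHash = password_hash('dummy-password-not-in-use', PASSWORD_DEFAULT);

// Returns the matching Member on success, or null on any failure.
// Never dereferences $user when the lookup returned no row.
function authenticate(PDO $pdo, string $username, string $password, string $dummyHash): ?Member {
    $stmt = $pdo->prepare('SELECT id, userType, username, email, pass FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $stmt->setFetchMode(PDO::FETCH_CLASS, 'Member');
    $user = $stmt->fetch();                       // false when no row matched

    $hash = ($user instanceof Member) ? $user->pass : $dummyHash;
    $ok   = password_verify($password, $hash);

    return ($ok && $user instanceof Member) ? $user : null;
}

// Usage: on success, rotate the session id before storing the user and redirecting.
$user = authenticate($pdo, 'alice', 'correct horse', $dummyHash);
if ($user !== null) {
    session_start();
    session_regenerate_id(true);   // fresh id so a pre-login session id is not kept
    $_SESSION['user'] = $user;
    header('Location: index.php');
    exit;
}
```

Calls with a wrong password or an unknown username both return null from authenticate(), and the unknown-username case no longer touches a missing object.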
