CODEWITHSUNDEEP
phpmd5
TEN Design
TEN Design

Reputation: 717

PHP md5 in conditional

I have a simple script that i am trying to do a simple md5 user/password om. the problem i am having is that regardless of what i put in the user/pass fields it matches the conditionals and allows the include to load

<?php
if(md5($_POST['user']) === 'md5user' && md5($_POST['pass']) === 'md5pass'):    
    include("secure.php");   
else: ?>
    <body>
        <div class="container" style="width: 20%;">
            <div class="row-fluid well" style="background: #333; margin-top: 25%;">
                <p class="lead">Inventory Update Login</p>
                <form class="form" method="POST" action="secure.php">
                <label>User Name</label><input class="input-block-level" type="text" name="user"></input><br/>
                <label>Password</label><input class="input-block-level" type="password" name="pass"></input><br/>
                <input class="btn btn-primary" type="submit" name="submit" value="Go"></input>
                </form>
                    <div class="alert alert-error">
                      <h4>Warning!</h4>
                      Best check yo self, you're not supposed to be here by accident. If you are here to do something naughty, keep in mind we are a company owned by people with guns!
                    </div>
            </div>
        </div>
    </body>

secure.php:

<?php
    $secretkey = "12345";
    print_r($_POST);
?>
<html>
    <head>
        <link rel="stylesheet" href="https://dev.zinkcalls.com/media/jui/css/bootstrap.min.css" type="text/css" />
        <style>
            body {color: #fff;}
            .well, .brand, .navbar-inner, .popover, .btn, .tooltip, input, select, textarea, pre, .progress, .modal, .add-on, .alert, .table-bordered, .nav>.active>a, .dropdown-menu, .dropdown-menu>li>a:hover, .tooltip-inner, .badge, .label, .img-polaroid {
                background-image: none !important;
                border-collapse: collapse !important;
                box-shadow: none !important;
                    -moz-box-shadow: none !important;
                   -webkit-box-shadow: none !important;
                border: none;
                text-shadow: none !important;
            }
        </style>
    </head>
    <body>
        <div class="container" style="width: 20%;">
            <div class="row-fluid well" style="background: #333; margin-top: 25%;">
                <?php if((!isset($_POST['key']) or ($_POST['key'] != $secretkey)) and !isset($_POST['update'])): ?>
                    <div class="alert alert-error">
                        <h4>Whoaa!</h4>You need the secret key bro.
                    </div>
                    <form class="form" method="POST" action="secure.php">
                        <label>Secret Key</label><input class="input-block-level" type="text" name="key" /><br/>
                        <input class="btn btn-primary" type="submit" name="submit" value="Enter Secret Key" />   
                    </form>
                <?php elseif(($_POST['key'] = $secretkey) and !isset($_POST['update'])): ?>
                    <div class="alert alert-error">
                        <h4>Careful!</h4>
                        You may destroy everything in one click of the button. Proceed?
                    </div>
                    <form class="form" method="POST" action="secure.php">
                        <input class="btn btn-primary" type="submit" name="update" value="Yes" />
                        <input class="btn" type="reset" name="abort" value="No" />
                    </form>
                <?php else:?>
                    <div class="alert alert-success">
                        <?php include("inventory_query.php"); ?>
                        <h4>Done!</h4>
                        Now get the hell outta here.
                    </div>
                <?php endif; ?>
                <hr />
                <form class="form" method="POST" action="inventory.php">
                    <input class="btn btn-primary" type="submit" name="logout" value="Logout" />   
                </form>
            </div>
        </div>
    </body>
</html>

Upvotes: 1

Views: 335

Answers (2)

Brett Santore
Brett Santore

Reputation: 797

Ok, firstly, md5 should not be used with passwords for security reasons. Please read into the topic, as I will not go into much detail.

That being said, here is the issue you are experiencing.

md5 is going to return an md5 hash of the supplied string. For example: 

echo md5('md5pass'); // 65ed8a5eec59a1a6f75ec845294aead8

That will not change. It is a new string and can not be compared to it's raw counterpart, in this case 'md5pass'. What you can do, would be to compare the hash of the user supplied value to an expected value.

In this case, md5($_POST['pass']) === md5('md5pass'), would only evaluate if $_POST['pass'] is 'md5pass'.

Again, please look into hashing your passwords.

Edit:

@Peter van der Wal is correct as well. You are never going to execute the check you want until you correct the form action.

Upvotes: 0

Peter van der Wal
Peter van der Wal

Reputation: 11856

Your form is submitted to secure.php and since that file doesn't contain this check (I assume) everything in it is just executed/displayed. Remove the action="secure.php" from the form-tag to POST to self.

PS. learn about sessions if you want a more persistent login.

Upvotes: 4

Related Questions