php - Using this login secure with cookies?

Looking for perhaps a little input on any vulnerabilities with this login script.

step 1 - input form with username and password gets submitted

step 2 - upon verification I would insert a uniqid into DB called session

step 3 - In order to verify user is logged in check DB

    // step 3: the cookie body is "username_uniqid" (base64-encoded)
    $user_decode_cookie = base64_decode($_COOKIE['cookiewithinfo']);

    // split first, then escape each piece on its own before it reaches the query
    $cookie_implode = explode('_', $user_decode_cookie);
    $username = mysqli_real_escape_string($con, $cookie_implode[0]);
    $session  = mysqli_real_escape_string($con, $cookie_implode[1] ?? '');

    // use the mysqli API throughout (the original mixed mysqli_ escaping with mysql_query)
    $sql = mysqli_query($con, "SELECT * FROM user WHERE username='{$username}' AND session='{$session}'") or die(mysqli_error($con));
    $userinfo = mysqli_fetch_array($sql);
    return $userinfo;

step 4 - set COOKIE with username and uniqid

To verify it is correct user I get the COOKIE and make sure uniqid match with the username in the DB.

I was reading a bit on here and used the session as I saw was suggested.

I was using COOKIES in order to save login even after browser close.

Is this close in any way to how it can be done somewhat safely, or am I way out to lunch? Thanks as well for any input.

Answer

Your approach looks reasonably secure. The only thing I would change is to save md5(PK . $uniqid) instead of just the $uniqid in the cookie so that it would be almost impossible to brute force it, even with a botnet and years of attempts.

The PK would simply be any simple key that you'd keep private to your script. You could keep the DB as it is and validate the secured session key in PHP after the query, or simply store the same secured key directly in the DB to keep your current query.

Note that you should use prepared statements on your arguments for security.
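Putting the question's four steps and the answer's two suggestions (a keyed hash of the token stored server-side, prepared statements) together, here is an added example; it is not code from the question or the answer. It assumes a mysqli connection `$con` with mysqlnd, the `user(username, session)` table from the question, and a secret `$secret` loaded from outside the web root. It also goes one step past the answer's wording: `random_bytes()` and HMAC-SHA256 stand in for `uniqid()`/`md5()`, the user is looked up by username only and the hash is compared in constant time with `hash_equals()`, and the cookie carries the `Secure`/`HttpOnly` flags.

```php
<?php
// Added example, not from the question or answer. Assumptions: $con is a mysqli
// connection (mysqlnd needed for get_result), the table is user(username, session)
// as in the question, and $secret is a server-side key kept out of the web root.

const REMEMBER_COOKIE = 'cookiewithinfo';

// Keyed hash of the raw token. This is what the DB stores, never the raw token,
// so a leaked DB dump alone does not yield usable cookies.
function secure_session_key(string $token, string $secret): string {
    return hash_hmac('sha256', $token, $secret);
}

// Steps 2 and 4: after the password check succeeds, mint a fresh token, store
// its keyed hash in the DB and hand the raw token to the browser.
function issue_remember_cookie(mysqli $con, string $username, string $secret): void {
    $token  = bin2hex(random_bytes(32));          // 256 bits from the CSPRNG
    $stored = secure_session_key($token, $secret);

    $stmt = $con->prepare('UPDATE user SET session = ? WHERE username = ?');
    $stmt->bind_param('ss', $stored, $username);
    $stmt->execute();
    $stmt->close();

    // Same "username_token" layout as the question; the flags keep the cookie
    // away from JavaScript and off plain-HTTP requests.
    setcookie(REMEMBER_COOKIE, base64_encode($username . '_' . $token), [
        'expires'  => time() + 30 * 24 * 3600,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
}

// Step 3: parse the cookie, fetch the row by username (bound parameter), then
// verify the token against the stored keyed hash in constant time.
function user_from_remember_cookie(mysqli $con, string $secret): ?array {
    if (!isset($_COOKIE[REMEMBER_COOKIE])) {
        return null;
    }
    $raw = base64_decode($_COOKIE[REMEMBER_COOKIE], true);   // strict: reject junk
    if ($raw === false) {
        return null;
    }
    // The token is hex, so the last '_' is the delimiter even if the username has one.
    $pos = strrpos($raw, '_');
    if ($pos === false || $pos === 0 || $pos === strlen($raw) - 1) {
        return null;
    }
    $username = substr($raw, 0, $pos);
    $token    = substr($raw, $pos + 1);

    $stmt = $con->prepare('SELECT * FROM user WHERE username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $userinfo = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    if (!$userinfo || empty($userinfo['session'])) {
        return null;                                 // unknown user or no live session
    }
    $expected = secure_session_key($token, $secret);
    return hash_equals((string) $userinfo['session'], $expected) ? $userinfo : null;
}

// Logout: clearing the DB side makes a replayed cookie useless.
function revoke_remember_cookie(mysqli $con, string $username): void {
    $stmt = $con->prepare('UPDATE user SET session = NULL WHERE username = ?');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->close();
    setcookie(REMEMBER_COOKIE, '', ['expires' => time() - 3600, 'path' => '/']);
}
```

Usage follows the question's flow: call `issue_remember_cookie($con, $username, $secret)` once the password has been verified, `user_from_remember_cookie($con, $secret)` at the top of each request, and `revoke_remember_cookie($con, $username)` on logout. Because only the HMAC lives in the DB and the cookie only ever holds the raw token, neither side on its own is enough to log in, which is the property the answer's `md5(PK . $uniqid)` suggestion is reaching for.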
