-2

I'm creating an app and for I have 2 PHP scripts one for login one for singnup. I would like to protect them from SQL injection. I tried to protect variables with this code $username = mysqli_real_escape_string($con, $_POST['username']); but I don't know if it's correct. I've watched some YT videos but I don't understand them.

Here is my login.php code:

<?php
session_start();

include("connection.php");
include("functions.php");


if($_SERVER['REQUEST_METHOD'] == "POST")
{
    //something was posted
    $username = mysqli_real_escape_string($con, $_POST['username']);
    $password = mysqli_real_escape_string($con, $_POST['password']);
    $job = mysqli_real_escape_string($con, $_POST['job']);

    if(!empty($username) && !empty($password) && !is_numeric($username))
    {

        //read from database
        $query = "select * from users where username = '$username' limit 1";
        $result = mysqli_query($con, $query);

        if($result)
        {
            if($result && mysqli_num_rows($result) > 0)
            {

                $user_data = mysqli_fetch_assoc($result);
            
                if($user_data['password'] === $password)
                {

                    $_SESSION['user_id'] = $user_data['user_id'];
                    header("Location: index.php");
                    die;
                }
            }
        }
    
        echo "wrong username or password!";
     }else
     {
        echo "wrong username or password!";
     }
}


?>

<!DOCTORTYPE html>
<html>
<head>
    <title>Login</title>
</head>
<body id="body">


<style type="text/css">

     #text{

        height: 25px;
        border-radius: 5px;
        padding: 4px;
        border: solid thin #aaa;
        width: 100%;
    }
     #button{

        padding: 10px;
        width: 100px;
        color: white;
        background-color: lightblue;
        border: none;
    }
    #box{

        background-color: grey;
        margin: auto;
        width: 300px;
        padding: 20px;
    }
</style>

<div id="box">
    <form method="post">
        <div style="font-size: 20px;margin: 10px;color: white;">Login</div>
        <PRE><font size="+2">Username</font></PRE><br>
        <input id="text" type="text" name="username"><br><br>
        <PRE><font size="+2">Password</font></PRE><br>
        <input id="text" type="password" name="password"><br><br>

        <input id="button" type="submit" value="Login"><br><br>

    </form>
</div>
</body>
</html>

Here is my signup.php code:

<?php
session_start();

include("connection.php");
include("functions.php");
$user_data = check_login($con);

if ($_SERVER['REQUEST_METHOD'] == "POST") {

    $username = mysqli_real_escape_string($con,  $_POST['username']);
    $password = mysqli_real_escape_string($con,  $_POST['password']);
    $user_name = mysqli_real_escape_string($con,  $_POST['user_name']);
    $user_surname = mysqli_real_escape_string($con,  $_POST['user_surname']);
    $job = mysqli_real_escape_string($con,  $_POST['job']);
    $gender = mysqli_real_escape_string($con,  $_POST['gender']);
    $user_id = mysqli_real_escape_string($con,  $_POST['user_id']);

    if(empty($user_id)){
        $user_id = random_num(20);
    }

    if (!empty($username) && !empty($password) && !empty($user_name) && !empty($user_surname) && !is_numeric($user_name)) {


        $query = "insert into users (user_id,username,user_name,user_surname,password,job,gender) values ('$user_id','$username','$user_name','$user_surname','$password','$job','$gender')";

        mysqli_query($con, $query);

        header("Location: login.php");
        die;
    } else {
        echo "Please enter some valid information!";
    }

}
?>

<!DOCTORTYPE html>
    <html>

    <head>
        <title>Signup</title>
    </head>

    <body>

        <style type="text/css">
            #text {

                height: 25px;
                border-radius: 5px;
                padding: 4px;
                border: solid thin #aaa;
                width: 75%;
            }

            #button {

                padding: 10px;
                width: 100px;
                color: white;
                background-color: lightblue;
                border: none;
            }

            #box {

                background-color: grey;
                margin: auto;
                width: 500px;
                padding: 20px;
            }
        </style>

       <div id="box">
            <form method="post">
                <div style="font-size: 20px;margin: 10px;color: white;">Signup</div>

                <PRE><font size="+2">Name</font></PRE><br>
                <input id="text" type="text" name="user_name"><br><br>
                <PRE><font size="+2">Surname</font></PRE><br>
                <input id="text" type="text" name="user_surname"><br><br>
                <PRE><font size="+2">Username</font></PRE><br>
                <input id="text" type="text" name="username"><br><br>
                <PRE><font size="+2">Password</font></PRE><br>
                <input id="text" type="password" name="password"><br><br>
                <PRE><font size="+2">Select position:</font></PRE><br>
                <select name="job">
                    <option value="student">Student</option>
                    <option value="teacher">Teacher</option>
                    <option value="staff">Staff</option>
                    <option value="principal">Principal</option>
                </select><br>
                <PRE><font size="+2">Select gender:</font></PRE><br>
                <select name="gender">
                    <option value="male">Male</option>
                    <option value="female">Female</option>
                    <option value="other">Other</option>
                </select><br><br>

                <PRE><font size="+2">Card number:</font></PRE><br>

                <select id="card" name="user_id">
                    <option value="No">No</option>
                    <option value="Yes" selected>Yes</option>
                </select><br><br>

                <input id="cards" type="text" name="user_id"><br><br>


                <input id="button" type="submit" value="Signup"><br><br>

                <a href="index.php">Back to main page</a><br><br>
            </form>
            <script>
                var select = document.getElementById("card");
                select.onchange = function() {
                    if (select.value == "Yes") {
                        document.getElementById("cards").style.display = "inline";
                    } else {
                        document.getElementById("cards").style.display = "none";
                        var id;
                        function getRandom(length) {
                            id = Math.floor(Math.pow(10, length - 1) + Math.random() * 9 * Math.pow(10, length - 1));
                        }
                    }

                }
            </script>
        </div>
    </body>

    </html>
jasagregoric
  • 3
  • 3
  • 1
    Have a read up on "Prepared Statements", instead of altering the strings and then concatenating them into your query. – droopsnoot May 15 '22 at 17:41
  • 1
    Is `` a new thing? – droopsnoot May 15 '22 at 17:43
  • 1
    What's the idea of using a random number for the `user_id`? Wouldn't it be better to set that column as an auto-increment and let the database assign it for you? There doesn't seem to be any code to handle what happens when the `user_id` already exists in the database. – droopsnoot May 15 '22 at 17:45
  • I created a select with options Yes and No if you select yes you can input nuber of a card and if you select no it assigns a random number – jasagregoric May 15 '22 at 17:47
  • But I wondered _why_ you would want a random number as the user id, surely the id must be unique? – droopsnoot May 16 '22 at 08:02

0 Answers0