User Personalization with PHP: User Login Personalization::Authentication | WebReference

User Personalization with PHP: User Login Personalization::Authentication

By Leidago Noabeb


In this article, we will be looking at the login page of the application. This is the first page that any user wanting to use our application is going to be faced with and the most important one in this section. This script does the very important job of authenticating a user and can make or break the application in the sense that if it is weak security wise, then any attacker can easily penetrate our application and cause damage. In this case, we will try to make it as difficult as possible for attackers to break our application. Some of the things that we are going to do to strengthen our application is to enforce data validation and make sure that we also put some measures in place to stop SQL injection.

The Login Script

The login script plays a very important role in this application. It is responsible for authenticating and keeping track of the user. Without this page any user will simply be able to store any bookmark and there will be no order, in the sense that when a user wants to view her bookmarks she will see everybody else's bookmarks at the same time because she will not have her bookmarks grouped under her name. In addition to authenticating users, the login script also starts a session for each user that it authenticates successfully, to keep track of this particular user. It creates a number of session variables that will eventually be used by other scripts. The script also runs a verification code that keeps automated robot logins at bay. Below is a screenshot of the script followed by the code:

See Figure 1

The code for the script is very large and contains a mixture of PHP and HTML, so I will list it section by section:

The code above is perhaps the most important on the page since it is responsible for verifying a user's credentials and interacting with the database, where the user details are stored. Let's take a look at the code. The very first thing the script does is to include the connect.php script. This script contains the database connection details that we need to connect to a MYSQL database; it also starts a session for the user:

We check if the form has been submitted and set some variables:

//check if the form has been submitted

The $msg variable is used to record any error messages that we may encounter, and is used throughout this script. As an improvement, try to use a form variable to check if the form has been submitted instead of the submit button as I did here. By using a form variable the user has more choice, in the sense that the form will be submitted whether they press the RETURN button on the keyboard or click on the submit button of the form. Once the form has been submitted all the posted information will be available for us to use, but it will also be available for attackers to use. Therefore, we need to do some data validation to make it as difficult as possible for attackers to break our application. Since we require all the fields to be filled in, we need to do three things:

  • Check that all form fields are filled in
  • Check that the form data is of the right type
  • Check that form data is of the right length, i.e. passwords should be eight characters long, etc.

We know that the user needs to submit the username, password and a verification code. Therefore, we check if the form variable is empty and if so, we set an error message:

Then we check to see if the form variable(s) are of the right length:

Note that for security reasons we set a vague error message such as "Invalid password" instead of something more informative such as "Incorrect password length". This is simply to confuse any attacker.

Once we've validated the form variables, we use our flag variable $msg to check if any errors occurred during form validation. If not, we continue to check if the user submitted password and username exists in our database, and if the account is active. We start by checking if the number code entered by the user is the same as the one shown on the form:

If the number codes match, the code connects to the database to verify the user:

If the user checks out, we need to set the session variables. These include:

  • user ID- Will be used to determine which parts of the application a user can access
  • username - Will be displayed on all pages
  • level - Determines the access level of the user
  • email - Sets the user email address

Here's how the above information is collected:

If the user details did not match, the following error is displayed:

If the number codes do no match then the following error message is shown:

The HTML Form

The HTML page presents the user with a form that collects the following fields:

  • Username - Collects the user name
  • Password-Collects the password
  • Number Code- Collects the number code

The page also provides the user with links to the registration and password scripts. It has the following code: