lundi 17 juillet 2017

Random Password Function Fails To Validate

I'm trying to create a web application that randomizes the type of password a user is requested before login. The registration page does not hash the password, and I don't really need to hash it for this demo. When a user is logging in, they first provide their email address, which is comfirmed from the database. The page code is as below(index.php):

<?php
    require_once 'dbconnect.php';

    /*
    if ( isset($_SESSION['user'])!="" ) {
        header("Location: home.php");
        exit;
    }
    */

    $error = false;

    if( isset($_POST['btn-login']) ) {
        $email = sanitize($_POST['email']);

        if(empty($email)){
            $error = true;
            $emailError = "Please enter your email address.";
        } else if ( !filter_var($email,FILTER_VALIDATE_EMAIL) ) {
            $error = true;
            $emailError = "Please enter valid email address.";
        }
        if (!$error) {

            $stmt = dbconnect()->prepare("SELECT * FROM users WHERE email=:email");
            $stmt->execute(array(
                ":email" => $email,
            ));
            $count = $stmt->rowCount();

            if($count == 1) {
                $_SESSION['email'] = $email;
                    redirect('creds.php');

            } else {
                $errMSG = "Incorrect Credentials, Try again...";
            }

        }

    }
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Coding Cage - Login & Registration System</title>
<link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css"  />
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>

<div class="container">

    <div id="login-form">
    <form method="post" autocomplete="off">

        <div class="col-md-12">
            <div class="form-group">
                <h2 class="">Sign In.</h2>
            </div>
            <div class="form-group">
                <hr />
            </div>
            <?php
            if ( isset($errMSG) ) {
                ?>
                <div class="form-group">
                <div class="alert alert-danger">
                <span class="glyphicon glyphicon-info-sign"></span> <?php echo $errMSG; ?>
                </div>
                </div>
                <?php
            }

            ?>
            <div class="form-group">
                <div class="input-group">
                <span class="input-group-addon"><span class="glyphicon glyphicon-envelope"></span></span>
                <input type="email" name="email" class="form-control" placeholder="Your Email" value="<?php if (isset($email)) {echo $email;} ?>" maxlength="40" />
                </div>
                <span class="text-danger"><?php if (isset ($emailError)) {echo $emailError;} ?></span>
            </div>

            <div class="form-group">
                <hr />
            </div>

            <div class="form-group">
                <button type="submit" class="btn btn-block btn-primary" name="btn-login">Next..</button>
            </div>

            <div class="form-group">
                <hr />
            </div>

            <div class="form-group">
                <a href="register.php">Sign Up Here...</a>
            </div>

        </div>

    </form>
    </div>  

</div>

</body>
</html

After filling out that form, the user is redirected to 'creds.php' which is supposed to select a random password function from functions.php. The creds.php code is:

<?php
require_once 'dbconnect.php';


/*
if ( isset($_SESSION['user'])!="" ) {
    header("Location: home.php");
    exit;
}
*/


$error = false;

if(isset($_POST['btn-login']) ) {
    $pass = sanitize($_POST['pass']);

    $passarray = getrandomfunction($pass);

    echo $passarray;
    if ($passarray == 0)
    {
        $passval = 'reversepass';
    }
    elseif ($passarray == 1)
    {
        $passval = 'passtoupper';
    }
    elseif ($passarray == 2)
    {
        $passval = 'passtolower';
    }
    elseif ($passarray == 3)
    {
        $passval = 'defaultpass';
    }
    elseif ($passarray == 4)
    {
        $passval = 'passfirst4letter';
    }
    $eg = $passval;

    if(empty($pass)){
        $error = true;
        $passError = "Please enter your password.";
    }

    if (!$error) {
        $stmt = dbconnect()->prepare("SELECT * FROM users WHERE email=:email");
        $stmt->execute(array(
            ":email" => $_SESSION['email'],
        ));
        $row = $stmt->fetchAll();
        $count = $stmt->rowCount();


        if( $count == 1 ) { /* && $passfrmdbffunc==$passfromfunc */
            foreach ($row as  $row)
            {

                //echo $eg;
                $dbpassword = $row['password']; //from db
                //$passfromfunc   = $eg($pass);
                $passfrmdbffunc = $eg($dbpassword);  // fromdb processed
                echo $pass . '<br/>';
                //echo $passfrmdbffunc;

                switch ($passarray)
                {
                    case 0;
                        if ($pass != reversepass($dbpassword))
                        {
                            $errMSG = "Incorrect revese Credentials, Try again...";
                        }
                        else{
                            $_SESSION['logged'] = True;
                            redirect('home.php');
                        }
                    break;
                    case 1:
                        if ($pass != passtoupper($dbpassword))
                        {
                            $errMSG = "Incorrect upper Credentials, Try again...";
                        }
                        else{
                            $_SESSION['logged'] = True;
                            redirect('home.php');
                        }
                    break;
                    case 2;
                        if ($pass != passtolower($dbpassword))
                        {
                            $errMSG = "Incorrect lower Credentials, Try again...";
                        }
                        else{
                            $_SESSION['logged'] = True;
                            redirect('home.php');
                        }
                    break;
                    case 3;
                        if ($pass !== defaultpass($dbpassword))
                        {
                            $errMSG = "Incorrect default Credentials, Try again...";
                        }
                        else{
                            $_SESSION['logged'] = True;
                            redirect('home.php');
                        }
                    break;
                    case 4;
                        if ($pass != passfirst4letter($dbpassword))
                        {
                            $errMSG = "Incorrect 4letter Credentials, Try again...";
                        }
                        else{
                            $_SESSION['logged'] = True;
                            redirect('home.php');
                        }
                    break;
                }

                /*
                if ($passfrmdbffunc == $pass)
                {
                    $_SESSION['logged'] = True;
                    //redirect('home.php');
                }
                else
                {
                    $errMSG = "Incorrect Credentials, Try again...";
                }*/
            }
        } else {
            $errMSG = "Incorrect Credentials, Try again...";
        }

    }

}
?>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Password <?php echo $_SESSION['email']; ?></title>
    <link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css"  />
    <link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>

<div class="container">
    <div id="login-form">
        <form method="post" autocomplete="off">
            <div class="col-md-12">
                <div class="form-group">
                    <h2 class="">Provide your password in <?php if (isset($passarray)){echo $passval;}?></h2>
                </div>
                <div class="form-group">
                    <hr />
                </div>
                <?php
                if ( isset($errMSG) ) {
                    ?>
                    <div class="form-group">
                        <div class="alert alert-danger">
                            <span class="glyphicon glyphicon-info-sign"></span> <?php echo $errMSG; ?>
                        </div>
                    </div>
                    <?php
                }
                ?>
                <div class="form-group">

                    <div class="input-group">
                        <span class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></span>
                        <input type="password" name="pass" class="form-control" placeholder="Your Password" maxlength="15" />
                    </div>
                    <span class="text-danger"><?php if (isset($passError)) {echo $passError;} ?></span>
                </div>

                <div class="form-group">
                    <hr />
                </div>

                <div class="form-group">
                    <button type="submit" class="btn btn-block btn-primary" name="btn-login">Sign In</button>
                </div>

                <div class="form-group">
                    <hr />
                </div>

                <div class="form-group">
                    <a href="register.php">Sign Up Here...</a>
                </div>

            </div>

        </form>
    </div>

</div>

</body>
</html

I am using PDO-Mysql driver to interact with the database. Oh, and the functions.php code that randomizes the passwords is:

<?php
function reversepass($password)
{
    return strrev($password);
}

function passtoupper($password)
{
    return strtoupper($password);
}

function passtolower($password)
{
    return strtolower($password);
}

function defaultpass($password)
{
    return $password;
}

function passfirst4letter($password)
{
    return substr($password, 0, 4);
}

function getrandomfunction($password)
{
    $functions = array(reversepass($password),passtoupper($password),passtolower($password),defaultpass($password),passfirst4letter($password));
    return array_rand(array_keys($functions));
}
?>

My problem is that the password form may request 'reverse password' but when you provide the password in reverse, instead of returning true, it returns the result of the next random function. I need it to redirect and set a session if the return value is true, else show the error message.




Aucun commentaire:

Enregistrer un commentaire