Having trouble with PHP project login Issue

Question

SO i have been trying with a php project and everything is working fine.Except a bit extra. Login page redirects to Dashboard even with incorrect details .So basically login is bypassed regardless the login details. Also By putting "sitename/dashboard" directly also bypasses the login. Below Are my Code.

1.index(login page)

 <?php require('inc/dbPlayer.php'); require('inc/sessionManager.php'); $msg=""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (isset($_POST["btnLogin"])) { $db = new \\dbPlayer\\dbPlayer(); $msg = $db->open(); if ($msg == "true") { $userPass = md5("hms2015".$_POST['password']); $loginId = $_POST["email"]; $query = "select loginId,userGroupId,password,name,userId from users where loginId='" . $loginId . "' and password='" . $userPass . "';"; var_dump($query); $result = $db->getData($query); //var_dump($result); $info = array(); while ($row = mysql_fetch_assoc($result)) { array_push($info, $row['loginId']); array_push($info, $row['userGroupId']); array_push($info, $row['password']); array_push($info, $row['name']); array_push($info, $row['userId']); } //$db->close(); $ses = new \\sessionManager\\sessionManager(); $ses->start(); $ses->Set("loginId", $info[0]); $ses->Set("userGroupId", $info[1]); $ses->Set("name", $info[3]); $ses->Set("userIdLoged", $info[4]); if (is_null($info[0])) { $msg = "Login Id or Password Wrong!"; } else { } if($info[1]=="UG004") { header('Location: http://localhost/hms/sdashboard.php'); } elseif($info[1]=="UG003") { header('Location: http://localhost/hms/edashboard.php'); } else { header('Location: http://localhost/hms/dashboard.php'); } } } } ?> <!DOCTYPE html> <html lang="en"> <head> <title>HMS</title> </head> <body> <div class="container"> <div class="row"> <div class="col-md-4 col-md-offset-4"> <div class="panel-body"> <form name="login" action="index.php" accept-charset="utf-8" method="post" enctype="multipart/form-data"> <fieldset> <div class="form-group"> <input class="form-control" placeholder="E-mail/Login ID" name="email" type="text" autofocus required> </div> <div class="form-group"> <input class="form-control" placeholder="Password" name="password" type="password" value="" required> </div> <div class="checkbox"> <label> <input name="remember" type="checkbox" value="Remember Me">Remember Me </label> <a href="#" class="red pull-right">Forget Password</a> <label id="loginMsg" class="red"><?php echo $msg ?></label> </div> <button type="submit" name="btnLogin" class="btn btn-lg btn-success btn-block"><i class="glyphicon glyphicon-log-in"></i> Login</button> </fieldset> </form> </div> </div> </div> </div> </div> </body> </html>

2.dbplayer

 <?php namespace dbPlayer; class dbPlayer { private $db_host="localhost"; private $db_name="hms"; private $db_user="root"; private $db_pass=""; protected $con; public function open(){ $con = mysql_connect($this->db_host,$this->db_user,$this->db_pass); if($con) { $dbSelect = mysql_select_db($this->db_name); if($dbSelect) { return "true"; } else { return mysql_error(); } } else { return mysql_error(); } } public function close() { $res=mysql_close($this->con); if($res) { return "true"; } else { return mysql_error(); } } public function insertData($table,$data) { $keys = "`" . implode("`, `", array_keys($data)) . "`"; $values = "'" . implode("', '", $data) . "'"; //var_dump("INSERT INTO `{$table}` ({$keys}) VALUES ({$values})"); mysql_query("INSERT INTO `{$table}` ({$keys}) VALUES ({$values})"); return mysql_insert_id().mysql_error(); } public function registration($query,$query2) { $res=mysql_query($query); if($res) { $res=mysql_query($query2); if($res) { return "true"; } else { return mysql_error(); } } else { return mysql_error(); } } public function getData($query) { $res = mysql_query($query); if(!$res) { return "Can't get data ".mysql_error(); } else { return $res; } } public function update($query) { $res = mysql_query($query); if(!$res) { return "Can't update data ".mysql_error(); } else { return "true"; } } public function updateData($table,$conColumn,$conValue,$data) { $updates=array(); if (count($data) > 0) { foreach ($data as $key => $value) { $value = mysql_real_escape_string($value); // this is dedicated to @Jon $value = "'$value'"; $updates[] = "$key = $value"; } } $implodeArray = implode(', ', $updates); $query ="UPDATE ".$table." SET ".$implodeArray." WHERE ".$conColumn."='".$conValue."'"; //var_dump($query); $res = mysql_query($query); if(!$res) { return "Can't Update data ".mysql_error(); } else { return "true"; } } public function delete($query) { $res = mysql_query($query); // var_dump($query); if(!$res) { return "Can't delete data ".mysql_error(); } else { return "true"; } } public function getAutoId($prefix) { $uId=""; $q = "select number from auto_id where prefix='".$prefix."';"; $result = $this->getData($q); $userId=array(); while($row = mysql_fetch_assoc($result)) { array_push($userId,$row['number']); } // var_dump($UserId); if(strlen($userId[0])>=1) { $uId=$prefix."00".$userId[0]; } elseif(strlen($userId[0])==2) { $uId=$prefix."0".$userId[0]; } else { $uId=$prefix.$userId[0]; } array_push($userId,$uId); return $userId; } public function updateAutoId($value,$prefix) { $id =intval($value)+1; $query="UPDATE auto_id set number=".$id." where prefix='".$prefix."';"; return $this->update($query); } public function execNonQuery($query) { $res = mysql_query($query); if(!$res) { return "Can't Execute Query".mysql_error(); } else { return "true"; } } public function execDataTable($query) { $res = mysql_query($query); if(!$res) { return "Can't Execute Query".mysql_error(); } else { return $res; } } }

3.Session manager

 <?php namespace sessionManager; class sessionManager { public function Set($key,$value) { $_SESSION[$key] = $value; // $_SESSION['start'] = time(); // $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); } public function Get($key) { // session_start(); if(isset($_SESSION[$key])) { return $_SESSION[$key]; } else { return null; } } public function isExpired() { //session_start(); $now = time(); if ($now > $_SESSION['expire']) { session_unset(); session_destroy(); return true; } else { return false; } } public function remove($key) { //session_start(); unset($_SESSION[$key]); } public function start() { session_start(); $_SESSION['start'] = time(); $_SESSION['expire'] = $_SESSION['start'] + (30 * 60); } }

Answer 1

A few hints:

• require values should not be in brackets.
• you should NOT be using mysql_ functions, this library is now CEASED and unavailable in PHP 7. Get up to date to 2012 and use mysqli_ or PDO . ( Why? )
• You should be using PHP 7. As a minimum . ( Why? )
• Do NOT use md5 for hashing passwords. Use PHP's built in password_hash() function(s). ( How? )
• STOP outputting errors to screen (aka return mysql_error(); ). You should be sending errors to an error log ( error_log(print_r(mysql_error(),true)); ) so the public can't see the details of the error.
• Read your PHP Error Log . What does it say?

• Use Prepared Statements on your database interactions. ([How?( https://phpdelusions.net/mysqli ))

• Header("Location: ... "); functions should always be immediately followed by exit; / die();

• NEVER trust user input. Even if the user tells you it's harmless. ( Why? )
• Read your PHP Error Log . What does it say?
• Your classes should probably have class __constuct() functions. ( why? )
• You can use Boolean Values instead of strings; use return true; instead of return "true";
• You STILL should NOT be using mysql_ functions, Why are you still using them? Stop reading this and update your codebase! Use mysqli_ or PDO . ( Why? )
• Learn the differences between the different PHP Comparison Operators . And apply what you learn to your code.
• Use the PHP Manual to find out and use the multitude of functions available in PHP.
• Please get in touch with me if you wish to purchase a copy of PHP 6 (rated 4.5/5 stars on TripAdvisor ).

You have a lot of reading to do, and a lot to learn. I would say good luck, but you don't need any luck, you need to read and commit yourself to learning how to use PHP properly .

Have fun.

Answer 2

You need to apply a condition whether you have record in database or not. If not then you need to bypass to login page. Change this code as below:

if ($msg == "true") {
            $userPass = md5("hms2015".$_POST['password']);
            $loginId = $_POST["email"];
            $query = "select loginId,userGroupId,password,name,userId from users where loginId='" . $loginId . "' and password='" . $userPass . "';";
            var_dump($query);
            $result = $db->getData($query);
            //var_dump($result);

            if (mysql_num_rows($result) > 0) { // means user is logged in
            $info = array();
            while ($row = mysql_fetch_assoc($result)) {

                array_push($info, $row['loginId']);
                array_push($info, $row['userGroupId']);
                array_push($info, $row['password']);
                array_push($info, $row['name']);
                array_push($info, $row['userId']);

            }
            //$db->close();
            $ses = new \sessionManager\sessionManager();
            $ses->start();
                $ses->Set("loginId", $info[0]);
                $ses->Set("userGroupId", $info[1]);
                $ses->Set("name", $info[3]);
                $ses->Set("userIdLoged", $info[4]);
            if (is_null($info[0])) {
                $msg = "Login Id or Password Wrong!";

            }
            else
            {

            }
            if($info[1]=="UG004")
            {
                header('Location: http://localhost/hms/sdashboard.php');
            }
            elseif($info[1]=="UG003")
            {

                header('Location: http://localhost/hms/edashboard.php');
            }
            else
            {
                header('Location: http://localhost/hms/dashboard.php');
            }
            }
        }

But I will suggest you to use PDO as mysql is deprecated already. Also your code is widely open for SQL injection as well so read about it as well. Hope it helps you but make your code reliable.