My XSRF Prevention code isn't working


Posted on 16th Feb 2014 07:03 pm by admin

First of all, thanks for the generous help you guys have given me in the past on this forum.
Second, I apologize in advance if my code is hard to read, most of it was done in a rush.

Here goes:

login.php
Code: <?php
// create anti-csrf cookie value
$hash = sha1(time().rand().strlen(rand()));
$hash = substr($hash, 0, 8);
if (isset($_COOKIE['xsrf[0]'])) {
$i = 0;
while (isset($_COOKIE['xsrf['.$i.']'])) {
$i++;
}
setcookie('xsrf['.$i.']', $hash, 0, '/citizen/', '.ch4n.net');
} else {
setcookie('xsrf[0]', $hash, 0, '/citizen/', '.ch4n.net');
}


?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Citizen - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="default.css">
</head>

<body>
<div class="header"><?php include("menu.html"); ?></div>

<div class="body">

<?php if (!empty($_GET['errors'])): ?>
<ul>
<li><?php print implode("</li>nt<li>", explode(';', $_GET['errors'])); ?></li>
</ul>
<?php endif; ?>

<form name="login" action="login_process.php" method="POST">
<input type="hidden" name="xsrfi" value="<?php echo $i; ?>" />
<input type="hidden" name="xsrf" value="<?php echo $hash; ?>" />
<table cellpadding="1" cellspacing="1" id="login">
<tbody>
<tr class="username">
<th>Username</th>
<td><input type="text" id="username" name="username" maxlength="20" /><br /></td>
</tr>
<tr class="password">
<th>Password</th>
<td><input type="password" id="password" name="password" maxlength="20" /></td>
</tr>

</tbody>
</table>
<input type="submit" name="submit" value="Login!" />
</form>

</div>

</body>
</html>
login_process.php
Code: <?php
if ($_COOKIE['xsrf['.$_POST['xsrfi'].']'] !== $_POST['xsrf'] || !isset($_COOKIE['xsrf['.$_POST['xsrfi'].']'])):
$errors = "It appears you have been a victim of a browser attack! Please run a virus scan before continuing online activities.;".$_COOKIE['xsrf['.$_POST['xsrfi'].']'].";".$_POST['xsrfi'].";".$_POST['xsrf'];
setcookie('xsrf['.$_POST['xsrfi'].']', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
header("Location: login.php?errors=$errors");
endif;
setcookie('xsrf', sha1($hash), time()-1, '/citizen/', '.ch4n.net');
require('authent.php');
$user = mysql_escape_string(htmlentities($_POST['username']));
$pass = mysql_escape_string(htmlentities($_POST['password']));

$passwordhash = hashPassword($pass);

if(table_exists("user_".$user, 's2zsl9rx_citizen')):
// Make a MySQL Connection
require('c2db.php');
mysql_select_db("s2zsl9rx_citizen") or die(mysql_error());

$result = mysql_query("SELECT * FROM user_$user WHERE type='001'")
or die(mysql_error());

$row = mysql_fetch_assoc($result);

if ($row['val'] == $passwordhash):
$value = $user.','.$row['val'].','.hashPassword(getip());
setcookie('citizeninfo', $value, time()+3600, '/citizen/', 'ch4n.net');
mysql_close();
header("Location: game.php");
else:
$errors = 'Username and/or password are incorrect'.$row['val'];
mysql_close();
header("Location: login.php?errors=$errors");
endif;


else:
$errors = 'Username and/or password are incorrect';
header("Location: login.php?errors=$errors");
endif;
?>
Any help at all would be very much appreciated

No comments posted yet

Your Answer:

Login to answer
265 Like 24 Dislike
Previous forums Next forums
Other forums

Problems with array
This code is the last lines in an upload script that uploads 4 images at the same time and writes th

filesize() returns 0
I have a socket program that runs in an infinite loop, listening for connections, in this socket I h

Libraries in C++
Hi all,

I have two libraries. one is based targeted on linux platform and uses another li

array empty
Hiya peeps,

Ok here is the codes.

order.php

Code:

Preloading images
Posting this question here because I am not sure where this should belong.I am building an asp.net a

How do I send data using an html link
Hi

If I have
<a href="main_file.php">

How do I send data t

Checking if a process is running (problems including psapi.dll i think...)
Ok, so all I'm trying to do is check if a program is running...

I've found out that I nee

Thread in PHP
Thread in PHP
Some basic use and basic code for thread in php
This is my question?

update 2 columns by doing inner 2-column query
Hi,
is something like this possible?

update contract_all set col1,col2 =
(

Show specific day of the week
I have been racking my brain trying to get this function to work properly and it is doing so for eve

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash