
I'm new to php coding, and basically I'm creating a user panel where users login and from there they access their dashboard which lets them do things.

I'm using php sessions to do this, and basically at the top of the dashboard I put:

session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}

This makes it so users who aren't logged in are re-directed to index.php.

The problem is that there is certain commands users can do from dashboard, like this: /dashboard.php?reset=true

And doing these commands does not require active session for some reason. Anyone can just go to /dashboard.php?reset=true and reset everything, without an active session!

Does anybody know how to fix this security flaw which allows people to do this?

Thanks

3 Comments
  • That sounds like a security flaw in your implementation of /dashboard.php?reset=true rather than PHP. A session, by definition, requires the client to present a token with each request (either by cookie or query string). That does not mean you have to look for it before taking action. Could you post that bit of code (doing the reset) and the rest of your security checks? The problem may lie there. Commented Nov 20, 2012 at 5:14
  • Missing exit;. And pretty sure that's not how session_is_registered was to be used (note the past tense). Commented Nov 20, 2012 at 5:14
  • @Mario - isn't that the answer? Commented Nov 20, 2012 at 5:17

4 Answers


Quick answer: you could put the same code in the /dashboard.php? file.

Better: verify if the user is an admin by declaring a session variable.

When logged in, before redirecting:

session_start();
$_SESSION['is_admin']="yes" ;

In the "execution files":

if(isset($_SESSION['is_admin']) && $_SESSION['is_admin'] == "yes")
{
  //do your thing
}
else
{
   echo "you are not allowed to do that";
}

For more security tips: link (it will point out some security issues for you).


1 Comment

As it was pointed out by Dev, don't forget to start the session.

I guess that by reset you mean password. Just get that part to ask them for the old password as well as the new one. And to stop robots use summat like CAPTCHA.


You need to put a die or exit or some other way of terminating after your header() call. header() doesn't stop execution, so even though it's sending the Location: redirect, it's going to keep going down through your code.


You might be using PHP 5.4.x.

session_is_registered has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

Use isset($_SESSION['myusername']) instead of session_is_registered

Edit

exit should always be put after redirecting from header, die will work too.

2 Comments

Does isset($_SESSION['myusername']) function still work on 5.3.0?
Thanks man it works great, this website is great I will stick around!
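The points raised across the answers (a session flag set at login, isset() on $_SESSION instead of the removed session_is_registered(), and exit immediately after every header("Location: ...")) fit together in one guard. The following is an added example, not code from the question or any of the answers. It reuses the names $_SESSION['myusername'] from the question and $_SESSION['is_admin'] from the first answer; the login.php/dashboard.php file names and the reset_dashboard() function are assumptions, since the page never shows the actual reset code.

```php
<?php
// Added example, not from the thread. Assumed: file names login.php and
// dashboard.php, and a hypothetical reset_dashboard() that does the real work.

// ---- login.php: runs only after the username/password check has succeeded ----
function establish_session(string $username, bool $is_admin): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // Issue a fresh session id on login so an id handed out before
    // authentication is not carried over into the logged-in session.
    session_regenerate_id(true);
    $_SESSION['myusername'] = $username;   // replaces session_register()/session_is_registered()
    $_SESSION['is_admin']   = $is_admin;   // a real boolean rather than the string "yes"
    header('Location: dashboard.php');
    exit;   // header() does not stop the script; without exit the code below it keeps running
}

// ---- dashboard.php: every request, including ?reset=true, goes through the guard first ----
function require_login(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    // isset() on $_SESSION is the replacement for session_is_registered(),
    // which was deprecated in PHP 5.3 and removed in PHP 5.4.
    if (!isset($_SESSION['myusername'])) {
        header('Location: index.php');
        exit;   // this is the missing line from the question: stop here, or the reset still runs
    }
}

function require_admin(): void
{
    require_login();
    if (empty($_SESSION['is_admin'])) {
        http_response_code(403);
        echo 'You are not allowed to do that';
        exit;
    }
}

// Hypothetical reset routine; the page does not show what "reset everything" actually does.
function reset_dashboard(string $username): void
{
    error_log("dashboard reset requested by {$username}");
    // ... the application's own reset logic goes here ...
}

require_login();

// State-changing actions are only reached after the guard above has passed.
// Accepting them only via POST (not a bare GET link) is the usual next step.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['reset']) && $_POST['reset'] === 'true') {
    require_admin();
    reset_dashboard($_SESSION['myusername']);
}
```

The guard is called unconditionally at the top of dashboard.php, so there is no path to the reset branch that skips the session check, and each header() redirect is followed by exit so the rest of the file never executes for an anonymous visitor.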
