views:

178

answers:

5

Hi everyone, I have been almost finished (well i thought i finished) writing this login page in php. Everything works fine when the user enter in the details and presses the login button.

But after the user logins once they are able to use the forward and back buttons on the browser to go between the 2 pages.

Is there a way to stop this from happening? Basically when there are at the login page they shouldn't be able to forward through to the next page.

(1st Page, the Login Page.)

<form method="post" action="selectQuery.php">
<table width="768" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="118" height="34">Name:</td>
    <td width="650"><select name="username"  id="username">
     <option value="fredk">Fred</option>
      <option value="arbonk">Arbon</option>
      <option value="arsalana">Arsalan</option>
      <option value="minhn">Minh</option>
      <option value="nathanielg">Nathaniel</option>
    </select></td>
  </tr>
  <tr>
    <td height="33">Password:</td>
    <td><input name="password" type="password" value="password" maxlength="16" /></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><input type="submit" value="Login" /></td>
  </tr>
</table>
</form>

(2nd Page)

<?php
$username = $_POST['username'];
$password = $_POST['password'];
$referer = $_SERVER['HTTP_REFERER'];

#connection to server
$connection = @mysql_connect ( "***.***.**.*" , "****", "*******") or die ("Could not connect to server");

#connection to database
$rs = @mysql_select_db ( "one", $connection ) or die ("Could not connect to Database");

#the sql query
$sql = "SELECT * FROM `users` WHERE user_name = \"$username\" AND password = \"$password\"";

#executing the query
$results = mysql_query( $sql, $connection ) or die ("Could not connect to Database");

#counts the no of rows that much the query
$row = mysql_num_rows($results);
##$rows = count(row);

#checks to see if password field is left blank
#if so it will return the user back to the login page
#if there is a match then we assume that the login is authenticated


if (empty($password) || $row == 0)
 {
  header( "Location:$referer" ); exit();
 }

else 
{

 if ($username == 'fredk')
 { $fname = 'Fred'; }
 else if ($username == 'arbonk')
 { $fname = 'Arbon'; }
 else if ($username == 'arsalana')
 { $fname = 'Arsalan'; }
 else if ($username == 'minhn')
 { $fname = 'Minh'; }
 else if ($username == 'nathanielg')
 { $fname = 'Nathaniel'; }

 $msg = "Hi $fname, your login was successfull. <p></p>";

 echo($msg);

}

?>

The code on page 2 should check whether the login is correct, if all is good i have some additional code (a form and another Database query) which becomes visible to the user.

A: 

They can go fowar the "protected" page but they can't do a thing there... Since on the next load the page'll redirect them to login form. :)

TiuTalk
Yes this works for the first time , but once the user has successfully login, they can use the back button to go back (which is fine i guess) and when they are back at the login page the can use the forward button to go through to the next page (which is not good).
freddy6
+1  A: 

The way I've used to fool the browser is to never actually change the URL that it's looking at. POST to a separate page which sets session variables, and then redirect back to the initial page which uses the session variables like a big finite state machine.

Ignacio Vazquez-Abrams
This is what I do. It works well.
alex
that could work. i need to learn sessions
freddy6
+2  A: 

I'll just add there a few glaring problems of your login script.

  • What happens if my password is 1" OR 1=1
  • What if my browser doesn't send the referrer ?
  • @ is not a good way to suppress errors.

I think for your problem you should research PHP sessions.

I think instead of disabling the back and forward buttons, you should work with them. People expect them to work properly.

alex
A: 

In your second page, after validating the login, you should redirect to another page, e.g. the wellcome page, that will prevent the back/forward button of getting to the validation page. Also in the login page you could check if the user is already logged in and if that's the case you redirect to the wellcome page.

Other than that if the user is already logged in, then what's the problem that he/she can access pages he/she already visited by using the forward button ?

pedro
+2  A: 
Don Albrecht