PHP Authentication API
Tags: php, api, authentication
Problem
I created a small, simple PHP Authentication API. I have a couple of scripts that I use for sessions, authentication and registration. Since I'm not an experienced backend and PHP developer, I wanted someone more experienced to review my scripts and tell me what I did wrong and what I can improve.
I did not use any framework; this is plain PHP.
User registration:
```
<?php
// ($mysqli connection setup precedes this in the original script; not shown in the post)
$object = json_decode(file_get_contents("php://input"), true);
if (isset($object['email']) && isset($object['password']) && isset($object['firstName']) && isset($object['lastName'])) {
    $email = $object['email'];
    $validationQuery="select * from members where email='$email'";
    $result = $mysqli->query($validationQuery) or die($mysqli->error.__LINE__);
    $member = mysqli_fetch_assoc($result);
    if($member) {
        $message = array('message' => 'Member with provided email address already exist, please use other email.');
        http_response_code(406);
        echo json_encode($message);
    } else {
        session_start();
        $firstName = $object['firstName'];
        $lastName = $object['lastName'];
        $password = password_hash($object['password'], PASSWORD_DEFAULT);
        $registrationQuery = "INSERT INTO members
            (firstName, lastName, email, password)
            VALUES
            ('$firstName', '$lastName', '$email', '$password')";
        if ($mysqli->query($registrationQuery) === TRUE) {
            $message = array(
                'message' => 'Registration Successful, you can use your credentials to log in.',
                'memberId' => mysqli_insert_id($mysqli));
            $_SESSION["id"] = $message['memberId'];
            echo json_encode($message);
        }
    }
    $mysqli->close();
} else {
    http_response_code(400);
}
?>
```
Getting authenticated member from session:
```
<?php
// (the opening of this script, including how $query is built, is cut off in the source)
$result = $mysqli->query($query) or die($mysqli->error.__LINE__);
$member = mysqli_fetch_assoc($result);
if($member) {
    if (password_verify($object['password'], $member['password'])) {
        $message = array('message' => 'Authentication Successful!');
        $_SESSION["id"] = $member['id'];
        echo json_encode($message);
    } else {
        $message = array('message' => 'Wrong Credentials, Authentication failed!');
        // (remainder of the script is cut off in the source)
    }
}
```
Solution
Ehh, let's look at the biggest issue here: the SQL-Injection vulnerability.

```
$object = json_decode(file_get_contents("php://input"), true);
if (isset($object['email']) && isset($object['password']) && isset($object['firstName']) && isset($object['lastName'])) {
    $email = $object['email'];
    $validationQuery="select * from members where email='$email'";
```

All I have to do is provide a bad string in that JSON for email and now I can destroy your database easily.

Solution: prepared statements.
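The answer stops at "prepared statements", so here is what that looks like for the two queries in the question. This is an added example, not code from the question or the answer: the email lookup, the INSERT and the login check are rewritten with mysqli prepared statements so the values from the JSON body are bound as parameters and never become part of the SQL text. It assumes the `members` table and columns from the question, an already-open `$mysqli` connection, and that `session_start()` has run before either handler is called; the function names are my own.

```php
<?php
// Added example: prepared-statement versions of the registration and login
// handlers from the question. Assumes a `members` table with the columns
// id, firstName, lastName, email, password and an open mysqli connection.
declare(strict_types=1);

function findMemberByEmail(mysqli $mysqli, string $email): ?array
{
    // The `?` placeholder keeps the email out of the SQL string entirely;
    // the driver sends the value separately, so quotes in it cannot change the query.
    $stmt = $mysqli->prepare('SELECT id, firstName, lastName, email, password FROM members WHERE email = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $mysqli->error);
    }
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $result = $stmt->get_result();   // needs the mysqlnd driver, the default since PHP 5.4
    $member = $result->fetch_assoc();
    $stmt->close();
    return $member ?: null;
}

function registerMember(mysqli $mysqli, array $object): array
{
    // Same field check as the question, but also reject non-string and empty values.
    foreach (['email', 'password', 'firstName', 'lastName'] as $field) {
        if (!isset($object[$field]) || !is_string($object[$field]) || $object[$field] === '') {
            http_response_code(400);
            return ['message' => 'Missing or invalid field: ' . $field];
        }
    }
    if (findMemberByEmail($mysqli, $object['email']) !== null) {
        http_response_code(409);  // 409 Conflict describes "already exists" better than 406
        return ['message' => 'Member with provided email address already exists, please use another email.'];
    }

    $hash = password_hash($object['password'], PASSWORD_DEFAULT);
    $stmt = $mysqli->prepare('INSERT INTO members (firstName, lastName, email, password) VALUES (?, ?, ?, ?)');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $mysqli->error);
    }
    $stmt->bind_param('ssss', $object['firstName'], $object['lastName'], $object['email'], $hash);
    if (!$stmt->execute()) {
        $stmt->close();
        http_response_code(500);
        return ['message' => 'Registration failed.'];
    }
    $memberId = (int) $mysqli->insert_id;
    $stmt->close();

    session_regenerate_id(true);  // new session id once the client becomes authenticated
    $_SESSION['id'] = $memberId;
    return ['message' => 'Registration Successful, you can use your credentials to log in.', 'memberId' => $memberId];
}

function authenticateMember(mysqli $mysqli, array $object): array
{
    if (!isset($object['email'], $object['password']) || !is_string($object['email']) || !is_string($object['password'])) {
        http_response_code(400);
        return ['message' => 'Missing credentials.'];
    }
    $member = findMemberByEmail($mysqli, $object['email']);
    // One generic message for both "unknown email" and "wrong password".
    if ($member === null || !password_verify($object['password'], $member['password'])) {
        http_response_code(401);
        return ['message' => 'Wrong Credentials, Authentication failed!'];
    }
    session_regenerate_id(true);
    $_SESSION['id'] = (int) $member['id'];
    return ['message' => 'Authentication Successful!'];
}

// Usage from a request handler, with $mysqli already connected:
// session_start();
// header('Content-Type: application/json');
// $object = json_decode(file_get_contents('php://input'), true);
// if (!is_array($object)) { $object = []; }
// echo json_encode(registerMember($mysqli, $object));     // or authenticateMember(...)
```

`bind_param` takes its arguments by reference, which is why the values are passed as variables and array elements rather than expressions. The `get_result()` call is the mysqlnd shortcut; on a build without it, `bind_result()` and `fetch()` do the same job.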
StackExchange Code Review Q#150696, answer score: 3