Bugs item #752218, was opened at 2003-06-10 14:58
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=106121&aid=752218&group_id=6121
Category: All databases
Group: User Authentication
Status: Open
Resolution: None
Priority: 5
Submitted By: John Sechrest (sechrest)
Assigned to: Nobody/Anonymous (nobody)
Summary: User authentication sends passwd in clear text
Initial Comment:
It looks to me like the process of taking a username and then the password sends that password back to the server in clear text.
Either the server needs to collect the password in SSL, or it needs to use the userAuth process to collect and encrypt the password at the browser.
When I added user authentication to the old version of php wiki for myself, I used the browser to do the encryption using this library:
<?PHP
/// Auth example
/// how to do authentication
/// Assume a database like this:
/// create table members (
///   member_id int auto_increment primary key,
///   firstname varchar(40),
///   lastname varchar(40),
///   address varchar(60),
///   city varchar(40),
///   State varchar(16),
///   zip varchar(16),
///   Phone varchar(16),
///   bphone varchar(16),
///   email varchar(60),
///   login varchar(16),
///   passwd varchar(16),
///   team int,
///   admin int,
///   comment varchar(255)
/// );
/// Note, this needs to add encryption on the passwd, which it does not do.
/// Constants for the php database access
/// auth code
/// started from http://www.zend.com/zend/tut/authentication.php#Heading11

$auth = false; // Assume user is not authenticated

// Basic-Auth credentials as PHP exposes them; the bare $PHP_AUTH_USER /
// $PHP_AUTH_PW globals only exist when register_globals is on
$PHP_AUTH_USER = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
$PHP_AUTH_PW   = isset($_SERVER['PHP_AUTH_PW'])   ? $_SERVER['PHP_AUTH_PW']   : null;

if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) {
    // Connect to MySQL
    mysql_connect($authhost, $authdblogin, $authdbpasswd)
        or die('Unable to connect to server.');
    // Select database on MySQL server
    mysql_select_db($authdatabase)
        or die('Unable to select database.');
    // Formulate the query; escape the browser-supplied values so a quote
    // in them cannot change the SQL
    $authsql = "SELECT * FROM $authtable WHERE
        login = '" . mysql_real_escape_string($PHP_AUTH_USER) . "' AND
        passwd = '" . mysql_real_escape_string($PHP_AUTH_PW) . "'";
    // Execute the query and put results in $authresult
    $authresult = mysql_query($authsql)
        or die('Unable to execute query for login.');
    // Get number of rows in $authresult
    $authnum = mysql_num_rows($authresult);
    if ($authnum != 0) {
        // A matching row was found - the user is authenticated.
        for ($i = 0; $i < $authnum; $i++) {
            $admin = mysql_result($authresult, $i, "admin");
            /// debug echo " admin = $admin\n";
        }
        $auth = true;
    }
}
if (!$auth) {
    // Double quotes so $wwwrealm is actually interpolated into the header
    header("WWW-Authenticate: Basic realm=\"$wwwrealm\"");
    header('HTTP/1.0 401 Unauthorized');
    echo 'Authorization Required.';
    echo ' You need to register';
    exit;
}
?>
I am getting feedback that I need to fix this security hole
for our use of the wiki. What will it take for that to happen?
----------------------------------------------------------------------
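A hardened version of the check in the report, added here as an example (it is not the submitter's code and not PhpWiki's own): it refuses to issue the Basic challenge over plain HTTP, binds the login as a query parameter, and compares against a password_hash() value instead of the stored plaintext. It assumes PHP 7.1+ with mysqli, the report's $authhost, $authdblogin, $authdbpasswd, $authdatabase and $wwwrealm variables, and the `members` table sketched above with `passwd` widened to hold a hash.

```php
<?php
// Added example, not the submitter's code or PhpWiki's own. Assumes PHP 7.1+
// with mysqli, the report's $authhost/$authdblogin/$authdbpasswd/$authdatabase
// and $wwwrealm variables, and the `members` table above with `passwd`
// widened (e.g. varchar(255)) to hold a password_hash() value.

// 1. Refuse to run the Basic challenge over plain HTTP: the browser would
//    send "login:password" base64-encoded, i.e. readable, on every request.
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') {
    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301);
    exit;
}

// Returns ['member_id' => ..., 'admin' => ...] on success, null otherwise.
function check_login(mysqli $db, string $login, string $password): ?array
{
    // 2. Bind the login as a parameter instead of splicing it into the SQL,
    //    and fetch the stored hash rather than matching passwd in the query.
    $stmt = $db->prepare('SELECT member_id, admin, passwd FROM members WHERE login = ?');
    $stmt->bind_param('s', $login);
    $stmt->execute();
    $stmt->bind_result($memberId, $admin, $hash);
    $found = ($stmt->fetch() === true);
    $stmt->close();

    // 3. Compare against a salted, slow hash. Run password_verify even for an
    //    unknown login so the response time does not reveal which logins exist.
    static $dummyHash = null;
    $dummyHash = $dummyHash ?? password_hash('dummy-password', PASSWORD_DEFAULT);
    $ok = password_verify($password, $found ? $hash : $dummyHash);
    if (!$found || !$ok) {
        return null;
    }
    return ['member_id' => (int) $memberId, 'admin' => (int) $admin];
}

$user = null;
if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
    $db = new mysqli($authhost, $authdblogin, $authdbpasswd, $authdatabase);
    $user = check_login($db, $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
if ($user === null) {
    header('WWW-Authenticate: Basic realm="' . $wwwrealm . '"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Authorization Required.';
    exit;
}
// On registration store password_hash($plain, PASSWORD_DEFAULT), never $plain.
```

Even with hashing on the server, Basic Auth still transmits the password itself, so the HTTPS redirect is the part that addresses the clear-text transmission the report describes.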