Insert into db using keys and MD5 – PHP


Q(Question):

Hi all,
Am hoping someone can point me in the right direction here. I have some basic code that I used to add staff members to my db with. Now I am wanting to secure the password using MD5 and am stuck terribly here,
I have a file called config.inc.php and the contents are:

<?php
$salt="somegreatstuff";
//captcha
$publickey = "6LctuMgSAAAAADBvul3A-jipON8SydIBK3S67gdR";
$privatekey = "6LctuMgSAAAAAHM54D2yt0HX1iaIpz1Yv6Inq2nG";
?>

I include this file in my "addstaff.php" file but cannot get the password into the db in MD5 format. Everything gets inserted and my var_dump shows the password being inserted as text.
This is my current code and hope someone can show me my error which I think is around lines 18&19. Those 2 lines are code I borrowed from another of my files that use keys in the insert. As my knowledge is still very basic in PHP I have come unstuck… I tried placing those two lines around line 31 and then on "submit" my var_dump reports that the column called "password" was being submitted twice.

<?php
include '../dbfunctions.php';
include '../config.inc.php';
session_start();
$link = dbConnect();
checkStaffLogin();
$staffs = dbGetRows("staff", "id = '".$_SESSION['stid']."'");
$staff = mysql_fetch_array($staffs, MYSQL_ASSOC);
echo $stid;
echo $staff['surname'];
$coid = $staff['company_id'];
if( isset($_POST['Submit']) ) {
$keys = "";
$values = "";
if($k=="password")
$v=md5($v.$salt);
foreach($_POST as $k => $v) {
if( $k != "Submit" ) {
if( $keys == "" ) $keys = "`".$k."`"; else $keys .= ", `".$k."`";
if( $values == "" ) $values = "'".$v."'"; else $values .= ", '".$v."'";
}
}
$keys .= ", `dateadded`";
$values .= ", '".date("Y-m-d")."'";
$unamecheckresult = dbGetRows("staff", "username = '".$_POST['username']."'");
$errorcode = "0";
if( mysql_num_rows($unamecheckresult) > 0 ) $errorcode = "1";
if( $_POST['username'] == "" ) $errorcode = "2";
if( $_POST['password'] == "" ) $errorcode = "3";
$query = "INSERT INTO staff (".$keys.") VALUES (".$values.");";
if( mysql_num_rows($unamecheckresult) == 0 && $_POST['username'] != "" && $_POST['password'] != "") $result = mysql_query($query, $link) or die("Query failed : ". $query."<br>". mysql_error());
var_dump ($query);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Add Staff Member</title>
<link rel="shortcut icon" type="image/x-icon" href="../images/favicon.ico">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="../bb.css" rel="stylesheet" type="text/css">
<script src="../usableforms1.js"></script>
</head>
<body onLoad="prepareForm()">
<table width="80%" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td width="23"><img src="http://bytes.com/submit/images/brdr-tl.gif"></td>
<td width="0*" background="../images/brdr-t2.gif" style="background-repeat: repeat-x;"></td>
<td width="23"><img src="http://bytes.com/submit/images/brdr-tr.gif"></td>
</tr>
<tr>
<td rowspan="2" valign="top" background="../images/brdr-l2-repeat.gif" style="background-repeat: repeat-y; background-position: left;"><img src="http://bytes.com/submit/images/brdr-l2.gif" width="23" <?php if(strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") == 0) echo "style=\"height: 100%\""; ?>></td>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="174" height="81" align="center"><img src="http://bytes.com/submit/images/zululogo.gif" width="159" height="61"></td>
<td width="626" align="right" valign="bottom"><input type="button" name="Cancel2" value="Cancel" onClick="window.close(); opener.location.reload(true);"></td>
</tr>
</table>
<a href="javascript:;" onClick="if( document.getElementById('advancedbox').style.display == 'block' ) document.getElementById('advancedbox').style.display = 'none'; else document.getElementById('advancedbox').style.display = 'block';"><font size="3"><b>
</b></font></a> <table width="100%" border="0" cellspacing="0" cellpadding="3" style="border: 1px solid #BBBBBB;">
<tr>
<td bgcolor="#F5F5F5"><font size="3" color="#880000"><b><?php echo $company['coname']; ?>:&nbsp;Add Staff Member</b></font> </a></td>
</tr>
</table>
<br>
<?php
if(isset($_POST['Submit'])) {
switch( $errorcode ) {
case "0":
echo "Staff Member Succesfully Added.<br><br>
<a href=\"javascript:;\" onClick=\"window.close(); opener.location.reload(true)\">[CLOSE WINDOW]</a><br> <br>
<td valign=\"top\" background=\"../images/brdr-r2-repeat.gif\" style=\"background-repeat: repeat-y; background-position: right;\"><img src=\"../images/brdr-r2.gif\" width=\"23\" ".(strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") == 0 ? "style=\"height: 100%\"" : "")."></td>
</tr>
<tr>
<td><img src=\"../images/brdr-bl.gif\"></td>
<td background=\"../images/brdr-b2.gif\" style=\"background-repeat: repeat-x;\"></td>
<td><img src=\"../images/brdr-br.gif\"></td>
</tr>
</table>
<br>
</body>
</html>
";
die();
break;
case "1":
echo "<font color=\"#FF0000\">The username you entered already exists, please enter an alternate username.</font><br><br>";
break;
case "2":
echo "<font color=\"#FF0000\">Please enter a username!</font><br><br>";
break;
case "3":
echo "<font color=\"#FF0000\">Please enter a password!</font><br><br>";
break;
}
}
?>
<br> <form name="form1" method="post" action="addstaff.php">
<table bgcolor="#FAFAFA" border="0" cellspacing="5" cellpadding="2" style="border: 1px solid #BBBBBB;">
<tr>
<td><b>Login Details</b></td>
<td width="213" colspan="-2"><input type="hidden" name="company_id" value="<?php echo $coid; ?>">
<input type="hidden" name="status" value="1"></td>
</tr>
<tr>
<td colspan="2" class="small">Allocated the staff member a username and password.</td>
</tr>
<tr>
<td><b>Username:</b></td>
<td width="213" colspan="-2"><input type="text" name="username"> </td>
</tr>
<tr>
<td><b>Password:</b></td>
<td width="213" colspan="-2"><input type="password" name="password"> </td>
</tr>
<tr>
<td><b>Is an Administrator?</b></td>
<td colspan="-2">&nbsp;</td>
</tr>
<tr>
<td colspan="2"><hr></td>
</tr>
<tr>
<td><b>Title:</b></td>
<td colspan="-2"><select name="title" size="1">
<option>Mr.</option>
<option>Mrs.</option>
<option>Ms.</option>
<option>Adv.</option>
<option>Prof.</option>
<option>Dr.</option>
</select></td>
</tr>
<tr>
<td><b>First Name:</b></td>
<td width="213" colspan="-2"><input type="text" name="firstname" value="<?php echo $_POST['firstname']; ?>"></td>
</tr>
<tr>
<td><b>Surname:</b></td>
<td colspan="-2"><input type="text" name="surname" value="<?php echo $_POST['surname']; ?>"></td>
</tr>
<tr>
<td><b>Telephone No:</b></td>
<td colspan="-2"><input type="text" name="tel" value="<?php echo $_POST['tel']; ?>"></td>
</tr>
<tr>
<td><b>Cell Number:</b></td>
<td colspan="-2"><input type="text" name="cell" value="<?php echo $_POST['cell']; ?>"></td>
</tr>
<tr>
<td><b>E-Mail Address:</b></td>
<td colspan="-2"><input type="text" name="email" value="<?php echo $_POST['email']; ?>"></td>
</tr>
<tr>
<td colspan="2"><hr></td>
</tr>
<tr>
<td>&nbsp;</td>
<td colspan="-2" align="right"><input type="submit" name="Submit" value="Submit">
<input type="button" name="Cancel" value="Cancel" onClick="window.close(); opener.location.reload(true);"></td>
</tr>
</table>
</form></td>
<td rowspan="2" valign="top" background="../images/brdr-r2-repeat.gif" style="background-repeat: repeat-y; background-position: right;"><img src="http://bytes.com/submit/images/brdr-r2.gif" width="23" <?php if(strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") == 0) echo "style=\"height: 100%\""; ?>></td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
</tr>
<tr>
<td><img src="http://bytes.com/submit/images/brdr-bl.gif"></td>
<td background="../images/brdr-b2.gif" style="background-repeat: repeat-x;"></td>
<td><img src="http://bytes.com/submit/images/brdr-br.gif"></td>
</tr>
</table>
<table><tbody id="waitingRoom"
style="display: none"></tbody></table>
<br>
</body>
</html>

A(Answer):

If variables $k, $v and $salt are not defined somewhere in files you included then lines 19 & 20 make no sense. PHP needs to know exactly what those variables are to use them.

A(Answer):

firstly it is highly dangerous to uncheckedly take user input in your SQL query. anyone could write a form, post to your script and may execute whatever he likes on the DB (called SQL injection).

the other point is that you md5 the password, but you don’t use it, since it is outside the foreach loop.
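As an added example (not part of the original thread): one way to build the same key-driven INSERT without putting user input into the SQL text is an allow-list of column names plus bound parameters. The names `insertStaff` and `STAFF_COLUMNS` are hypothetical, the column list is taken from the form fields on this page, and an in-memory SQLite database (requires the pdo_sqlite extension) stands in for the MySQL `staff` table.

```php
<?php
// Added example, not the poster's code. The in-memory SQLite database is an
// assumption standing in for the MySQL `staff` table used on this page.

// Only these POST fields may become columns; anything else is ignored.
const STAFF_COLUMNS = ['company_id', 'status', 'username', 'password',
                       'title', 'firstname', 'surname', 'tel', 'cell', 'email'];

function insertStaff(PDO $db, array $post): int
{
    // Keep allow-listed keys only, so a field name never reaches the SQL text
    // unless it is one of the constants above.
    $row = array_intersect_key($post, array_flip(STAFF_COLUMNS));
    if (($row['username'] ?? '') === '' || ($row['password'] ?? '') === '') {
        throw new InvalidArgumentException('username and password are required');
    }
    // Hash before storage; password_hash() generates its own per-user salt.
    $row['password']  = password_hash($row['password'], PASSWORD_DEFAULT);
    $row['dateadded'] = date('Y-m-d');

    $cols  = array_keys($row);
    $marks = implode(', ', array_fill(0, count($cols), '?'));
    $sql   = 'INSERT INTO staff (' . implode(', ', $cols) . ") VALUES ($marks)";
    // Values travel as bound parameters, never as part of the query string.
    $stmt = $db->prepare($sql);
    $stmt->execute(array_values($row));
    return (int) $db->lastInsertId();
}

// Constructed demo data: an unknown field name and a quote in the surname.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE staff (id INTEGER PRIMARY KEY, company_id, status,
           username UNIQUE, password, title, firstname, surname, tel, cell,
           email, dateadded)');

$id = insertStaff($db, [
    'username' => 'jsmith', 'password' => 'correct horse', 'surname' => "O'Brien",
    'not_a_column' => 'x', 'Submit' => 'Submit',
]);
$check = $db->prepare('SELECT surname, password FROM staff WHERE id = ?');
$check->execute([$id]);
$saved = $check->fetch(PDO::FETCH_ASSOC);
var_dump($saved['surname'] === "O'Brien");                      // checks the quote was stored as data
var_dump(password_verify('correct horse', $saved['password'])); // checks the stored hash
```

The `mysql_*` functions used in the question were removed in PHP 7.0; PDO or mysqli provide the prepared statements used here.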

A(Answer):

yup, he’s (Dormilich) right about it,

foreach($_POST as $k => $v)

but I think that along with it this must be also the cause as the salt value is already stored into $v and then in the foreach the $v is actually the text input from the post array. Change this


if( isset($_POST['Submit']) ) {
    $keys = "";
    $values = "";
    if($k=="password")
        $v=md5($v.$salt);
    foreach($_POST as $k => $v) {
        if( $k != "Submit" ) {
            if( $keys == "" ) $keys = "`".$k."`"; else $keys .= ", `".$k."`";
            if( $values == "" ) $values = "'".$v."'"; else $values .= ", '".$v."'";
        }
    }

to this

if( isset($_POST['Submit']) ) {
    $keys = "";
    $values = "";
    foreach($_POST as $k => $v) {
        if($k=="password")
            $v=md5($v.$salt);
        if( $k != "Submit" ) {
            if( $keys == "" ) $keys = "`".$k."`"; else $keys .= ", `".$k."`";
            if( $values == "" ) $values = "'".$v."'"; else $values .= ", '".$v."'";
        }
    }

and what zorgi said is related to the cause too ($k, $v and $salt they need to be defined somewhere before)

regards,
Omer Aslam

A(Answer):

Hi all.. thanks a ton for your time. Your solutions fixed my problem and after changing the code I ended up with what Omer has outlined and now everything is hunky dory… thanks once again to you all…
I have a lot to learn regarding MD5, some say it is not secure, some say I should be on SHA and yet others are saying I should use the built in PHP/MySQL features so I have a lot to read up on 🙂
Many thanks once again…

A(Answer):

Hey,
I am glad to be of some help o good luck with your R&D, please choose the correct answer so that others searching for the same problem might get some help too.
regards,

Omer Aslam

A(Answer):

I have a lot to learn regarding MD5, some say it is not secure, some say I should be on SHA and yet others are saying I should use the built in PHP/MySQL features so I have a lot to read up on 🙂

that’s right, MD5 can be exploited (i.e. you can relatively easily find a string with the same MD5 hash).

pretty much every other algorithm is more secure, probably the most common are SHA256+ and RIPEMD160+. the PHP function that handles that is hash() resp. hash_hmac() for salted hashing.
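As an added example (not part of the original thread): PHP's built-in password API, `password_hash()` and `password_verify()` (available since PHP 5.5), is purpose-built for stored passwords, and rows already saved as `md5($password.$salt)` can be upgraded the next time each user logs in. `verifyAndUpgrade` is a hypothetical helper name, and `LEGACY_SALT` reuses the `$salt` value shown in config.inc.php above.

```php
<?php
// Added example, not code from the thread. LEGACY_SALT mirrors the $salt in
// config.inc.php; verifyAndUpgrade() is a hypothetical helper name.
const LEGACY_SALT = 'somegreatstuff';

/**
 * Check a login attempt against a stored hash.
 * Returns [bool $ok, ?string $newHash]; $newHash is non-null when the stored
 * value should be replaced (legacy MD5 row, or outdated password_hash settings).
 */
function verifyAndUpgrade(string $password, string $stored): array
{
    // Legacy rows: 32 hex characters produced by md5($password . $salt).
    if (preg_match('/^[0-9a-f]{32}$/', $stored) === 1) {
        $ok = hash_equals($stored, md5($password . LEGACY_SALT));
        return [$ok, $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
    }
    // Modern rows: password_hash() output carries algorithm, cost and salt.
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    $new = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($password, PASSWORD_DEFAULT) : null;
    return [true, $new];
}

// Constructed sample: one row as the thread's corrected code would have stored it.
$legacyRow = md5('s3cret-pass' . LEGACY_SALT);

// First login after the change: legacy hash matches, a replacement is returned.
[$ok, $upgraded] = verifyAndUpgrade('s3cret-pass', $legacyRow);
var_dump($ok, password_get_info($upgraded)['algoName']);

// Once the replacement is saved, later logins verify against it directly.
[$okAgain, $again] = verifyAndUpgrade('s3cret-pass', $upgraded);
var_dump($okAgain, $again);

// A wrong password fails and yields no replacement hash.
[$bad] = verifyAndUpgrade('wrong-pass', $legacyRow);
var_dump($bad);
```

The caller is expected to write `$newHash` back to the `password` column with an UPDATE whenever it is non-null.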
