我有這個安全頁面。只是想詢問是否應該有任何我需要擔心的cookie登錄。我不使用mysql來保存用戶數據,因爲只有管理員需要訪問該頁面。你能告訴我我的安全登錄頁面的任何缺陷嗎?黑客如何能夠破解這個主要的安全頁面?我還需要做些什麼才能使它更安全。非常感謝你。PHP Cookie安全
<?php
$salt = 'a|s534#ihtuQb84z<xIR_ kU;L~?-A?-x|u+Njw##Us(Pi(-hM+YmiQF`Bz[Bl -';
$salt2 = ',/Da|H#s7cWINVi&a4wy9Qc&gVrF*o)u(XoidF?-8w=vkzLRLN4U9 #u88T5818E';
//checks for post details
if (isset($_POST['user'], $_POST['pass'])) {
//santizes the details
$user = preg_replace('/[^A-Za-z0-9]/','', $_POST['user']);
$pass = preg_replace('/[^A-Za-z0-9]/','', $_POST['pass']);
//check if user exists
if (($user === 'admin1' && $pass === 'pass1') ||
($user === 'admin2' && $pass === 'pass2') ||
($user === 'admin3' && $pass === 'pass3')) {
//i can make it that the $user will also be hashed just in case i need to
$cookiemd5 = $user.'-'.sha1(crypt($pass, $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]));
if (intval($_POST['rememberme']) === 1) {
setcookie("temp", $cookiemd5, time()+60*60*24*365, "/", ".domain.com", false, true);
} else {
setcookie("temp", $cookiemd5, false, "/", ".domain.com", false, true);
}
header("Location: /secure.php"); exit();
} else {
header("Location: /secure.php"); exit();
}
} elseif($_GET['do'] === 'logout') {
setcookie("temp", "", time()-2592000, "/", ".domain.com", false, true);
header("Location: /secure.php"); exit();
} elseif (isset($_COOKIE['temp'])) {
$details = explode('-', $_COOKIE['temp']);
if (($details[0] == 'admin1' && $details[1] == sha1(crypt('pass1', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]))) ||
($details[0] == 'admin2' && $details[1] == sha1(crypt('pass2', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]))) ||
($details[0] == 'admin3' && $details[1] == sha1(crypt('pass3', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"])))) {
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++ EVERYTHING STARTS HERE AFTER LOGIN ++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
?>
<?php
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++ EVERYTHING ENDSSS HERE AFTER LOGIN ++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
} else { setcookie("temp", "", time()-2592000, "/", ".domain.com", false, true); header("Location: /secure.php"); }
} else { echo'<form name="login" method="post" action="secure.php"> Username: <input type="text" name="user"><br> Password: <input type="password" name="pass"><br> Remember Me: <input type="checkbox" name="rememberme" value="1"><br> <input type="submit" name="submit" value="Login!"></form>'; } ?>
編輯.... 你看這個簡單的PHP會話登錄...這是遠比餅乾更安全?
<?php
session_start();
if ($_SESSION['logged_in'] == true) {
//++++++++++++++++ secure data start +++++++++++++++++++
//++++++++++++++++ secure data end +++++++++++++++++++
} elseif ($_POST['user'] == 'admin' && $_POST['pass'] == '[email protected]@s$w0rD98741') {
$_SESSION['logged_in'] = true;
} else {
session_destroy();
}
?>
簡單而簡單:爲什麼不進行會話?它們很簡單,並且對服務器控制登錄有效性。 – deceze
AbsoluteƵERØ說得好看。您可能會添加例如睡眠。 4000ms對每個登錄檢查的殘障暴力攻擊 – alex
@alex 4000ms聽起來有點刺耳,我想你的意思是400ms – Oleg