我有这个安全页面。只是想询问是否应该有任何我需要担心的cookie登录。我不使用mysql来保存用户数据,因为只有管理员需要访问该页面。你能告诉我我的安全登录页面的任何缺陷吗?黑客如何能够破解这个主要的安全页面?我还需要做些什么才能使它更安全。非常感谢你。PHP Cookie安全
<?php
$salt = 'a|s534#ihtuQb84z<xIR_ kU;L~?-A?-x|u+Njw##Us(Pi(-hM+YmiQF`Bz[Bl -';
$salt2 = ',/Da|H#s7cWINVi&a4wy9Qc&gVrF*o)u(XoidF?-8w=vkzLRLN4U9 #u88T5818E';
//checks for post details
if (isset($_POST['user'], $_POST['pass'])) {
//santizes the details
$user = preg_replace('/[^A-Za-z0-9]/','', $_POST['user']);
$pass = preg_replace('/[^A-Za-z0-9]/','', $_POST['pass']);
//check if user exists
if (($user === 'admin1' && $pass === 'pass1') ||
($user === 'admin2' && $pass === 'pass2') ||
($user === 'admin3' && $pass === 'pass3')) {
//i can make it that the $user will also be hashed just in case i need to
$cookiemd5 = $user.'-'.sha1(crypt($pass, $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]));
if (intval($_POST['rememberme']) === 1) {
setcookie("temp", $cookiemd5, time()+60*60*24*365, "/", ".domain.com", false, true);
} else {
setcookie("temp", $cookiemd5, false, "/", ".domain.com", false, true);
}
header("Location: /secure.php"); exit();
} else {
header("Location: /secure.php"); exit();
}
} elseif($_GET['do'] === 'logout') {
setcookie("temp", "", time()-2592000, "/", ".domain.com", false, true);
header("Location: /secure.php"); exit();
} elseif (isset($_COOKIE['temp'])) {
$details = explode('-', $_COOKIE['temp']);
if (($details[0] == 'admin1' && $details[1] == sha1(crypt('pass1', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]))) ||
($details[0] == 'admin2' && $details[1] == sha1(crypt('pass2', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"]))) ||
($details[0] == 'admin3' && $details[1] == sha1(crypt('pass3', $salt).md5($_SERVER["REMOTE_ADDR"].$salt2.$_SERVER["HTTP_USER_AGENT"])))) {
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++ EVERYTHING STARTS HERE AFTER LOGIN ++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
?>
<?php
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++ EVERYTHING ENDSSS HERE AFTER LOGIN ++++++++++++++++++++++++++++++++++++++
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
} else { setcookie("temp", "", time()-2592000, "/", ".domain.com", false, true); header("Location: /secure.php"); }
} else { echo'<form name="login" method="post" action="secure.php"> Username: <input type="text" name="user"><br> Password: <input type="password" name="pass"><br> Remember Me: <input type="checkbox" name="rememberme" value="1"><br> <input type="submit" name="submit" value="Login!"></form>'; } ?>
编辑.... 你看这个简单的PHP会话登录...这是远比饼干更安全?
<?php
session_start();
if ($_SESSION['logged_in'] == true) {
//++++++++++++++++ secure data start +++++++++++++++++++
//++++++++++++++++ secure data end +++++++++++++++++++
} elseif ($_POST['user'] == 'admin' && $_POST['pass'] == '[email protected]@s$w0rD98741') {
$_SESSION['logged_in'] = true;
} else {
session_destroy();
}
?>
简单而简单:为什么不进行会话?它们很简单,并且对服务器控制登录有效性。 – deceze
AbsoluteƵERØ说得好看。您可能会添加例如睡眠。 4000ms对每个登录检查的残障暴力攻击 – alex
@alex 4000ms听起来有点刺耳,我想你的意思是400ms – Oleg