PHP DISABLE HTML ON MEMBERS PAGE

[Leprechaun Coder]

Hello,

I am new here, and i have to say i am very impressed on the site layout and the value of members that are on here. I am pleased to join such an appropriate forum to learn from!

Now, if i may get started on my little problem that i am having with my registration form. Before i get further into detail i am a nub at php coding, i have been getting into it lately and want to advance my learning with it.

Ok, that being said i would like to disable html sign up's on my registration. People are inserting html tag's in my registration field causing the members page to mess up. They inserted a big image that covered my whole page with the word 'hacked on it'. Which is very funny because it doesn't cause any harm but it's my stupidity for not disabling html tag's.

I would like some help with this so people can stop doing this stupid crap. I added a spam filter to my project so people don't use wpe pro to spam the mysql database and waist space.

Here is my register.php code:

PHP Code:

<?php session_start() ?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    <title>DigiChat Member</title>
    <link rel="stylesheet" href="images/main.css" media="screen">
    <link rel="stylesheet" href="images/colors.css" media="screen">
    <link href="loginmodule.css" rel="stylesheet" type="text/css" />
    <style type="text/css">
.style1 {
    color: #CCCCCC;
    font-style: italic;
    font-weight: bold;
}
    </style>
</head>
<body>
<p>&nbsp;</p>

<p>&nbsp;</p>
<div id="container">
    <div id="header">
  <a id="logo" href="#" title="Support Center"><img src="images/head.png" alt="Support Center" width="801" height="64" border="0"></a></div>
    <ul id="nav">
                  <li><a class="ticket_status" href="./index.php">Home</a></li>
                  <li><a class="new_ticket" href="./members.php">Members</a><a class="new_ticket" href="./register.php">Register</a><a class="new_ticket" href="./news.php">News</a></li>
         <li></li>

    </ul>
    <div id="content">
      <div id="index"><?php
    if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
        echo '<ul class="err">';
        foreach($_SESSION['ERRMSG_ARR'] as $msg) {
            echo '<li>'.strip_tags($msg).'</li>'; 
        }
        echo '</ul>';
        unset($_SESSION['ERRMSG_ARR']);
    }
?>
        <h1 align="left">Register A Free Account! </h1>
        <form id="loginForm" name="loginForm" method="post" action="register-exec.php">
          <p>&nbsp;</p>
          <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
            <tr>
              <th>First Name </th>
              <td><input name="fname" type="text" class="textfield" id="fname" /></td>
            </tr>
            <tr>
              <th width="124">Real Name </th>
              <td width="168"><input name="realname" type="text" class="textfield" id="realname" /></td>
            </tr>
            <tr>
              <th>Last Name </th>
              <td><input name="lname" type="text" class="textfield" id="lname" /></td>
            </tr>
            <tr>
              <th>Login</th>
              <td><input name="login" type="text" class="textfield" id="login" /></td>
            </tr>
            <tr>
              <th>Site ID</th>
              <td><input name="SiteID" type="text" class="textfield" id="SiteID" /></td>
            </tr>
            <tr>
              <th>Age</th>
              <td><input name="Age" type="text" class="textfield" id="Age" /></td>
            </tr>
            <tr>
              <th>Exit Message </th>
              <td><input name="exitmessage" type="text" class="textfield" id="exitmessage" /></td>
            </tr>
            <tr>
              <th>Comments </th>
              <td><input name="comments" type="text" class="textfield" id="comments" /></td>
            </tr>
            <tr>
              <th>Url</th>
              <td><input name="Url" type="text" class="textfield" id="Url" /></td>
            </tr>
            <tr>
              <th>Password</th>
              <td><input name="password" type="password" class="textfield" id="password" /></td>
            </tr>
            <tr>
              <th>Confirm Password </th>
              <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>
            </tr>
            <tr></tr>
            <tr>
            <tr></tr>
<tr></tr>
<tr></tr>
<tr>
  <td></td>
  <td><div align="center">
    <p><img id="captcha" src="securimage_show.php" alt="CAPTCHA Image" /></p>
    <p>
      <input name="captcha_code" type="text" class="textfield" size="10" maxlength="6" />     
        <input type="submit" name="submit" value="Submit" />    
      </p>
    </div></td>
</tr>
              <td></td>
              </tr>  <tr></tr>
          </table>
        </form>
      </div>
      <div style="clear:both"></div> 
 </div>
 <div id="footer"></div>
</div>
 <div align="center">
<img src="images/poweredby.png" height="38" width="802"></div>
</body></html> 


Here is register-exec.php:

PHP Code:

<?php
    //Start session
    session_start();
    
    //Include database connection details
    require_once('config.php');
    include_once ('securimage.php');
    
    //Array to store validation errors
    $errmsg_arr = array();
    
    //Validation error flag
    $errflag = false;
    
    //Connect to mysql server
    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }
    
    //Select database
    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
        die("Unable to select database");
    }
    
    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }
    
    //Sanitize the POST values
    $fname = clean($_POST['fname']);
    $lname = clean($_POST['lname']);
    $login = clean($_POST['login']);
    $SiteID = clean($_POST['SiteID']);
    $Age = clean($_POST['Age']);
    $Url = clean($_POST['Url']);
    $realname = clean($_POST['realname']);
    $exitmessage = clean($_POST['exitmessage']);
    $comments = clean($_POST['comments']);
    $password = clean($_POST['password']);
    $cpassword = clean($_POST['cpassword']);
    $securimage = new Securimage();

    
    //Input Validations
    if($fname == '') {
        $errmsg_arr[] = 'First name missing';
        $errflag = true;
    }
    if($lname == '') {
        $errmsg_arr[] = 'Last name missing';
        $errflag = true;
    }
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($SiteID == '') {
        $errmsg_arr[] = 'Site ID missing';
        $errflag = true;
        }
    if($Age == '') {
        $errmsg_arr[] = 'Age missing';
        $errflag = true;
        }
    if($Url == '') {
        $errmsg_arr[] = 'Url missing';
        $errflag = true;
    }
    if($exitmessage == '') {
        $errmsg_arr[] = 'Exit Message missing';
        $errflag = true;
    }
    if($comments == '') {
        $errmsg_arr[] = 'Comments missing';
        $errflag = true;
    }
    if($realname == '') {
        $errmsg_arr[] = 'Real Name missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }

    if($cpassword == '') {
        $errmsg_arr[] = 'Confirm password missing';
        $errflag = true;
    }

    if( strcmp($password, $cpassword) != 0 ) {
        $errmsg_arr[] = 'Passwords do not match';
        $errflag = true;
    }
        if ($securimage->check($_POST['captcha_code']) == false) {
$errmsg_arr[] = 'Captcha Incorrect';
        $errflag = true;
    }
    

    //Check for duplicate login ID
    if($login != '') {
        $qry = "SELECT * FROM members WHERE login='$login'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'Login ID already in use';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }
    
    //If there are input validations, redirect back to the registration form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: register.php");
        exit();
    }

    //Create INSERT query
    $qry = "INSERT INTO members(firstname, lastname, login, SiteID, Age, Url, exitmessage, comments, realname, passwd) VALUES('$fname','$lname','$login','$SiteID','$Age','$Url','$exitmessage','$comments','$realname','".md5($_POST['password'])."')";
    $result = @mysql_query($qry);
    
    //Check whether the query was successful or not
    if($result) {
        header("location: success.php");
        exit();
    }else {
        die("Query failed");
    }
?>

If i could get some help with this i would be greatly appreciated. This can be annoying to other's, and i thought this would be a place to submit a question like this to users with the same problem...

Regards,

Leprechaun Coder

[Gaijin]

Your clean() function doesn't really prevent anything.

PHP Code:

function clean($str) {
        $str = @mysql_real_escape_string(trim(htmlentities($str, ENT_QUOTES)));
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    } 


The function htmlentities() takes characters like "<" and ">" and turns them into html entity "&lt;" and "&gt;", "&" = &amp;..... and so on.
You can also use htmlspecialchars(), but I prefer htmlentities().

http://php.net/manual/en/function.htmlentities.php
http://www.supportforums.net/showthread.php?tid=700

[Leprechaun Coder]

Hey could you come on to teamviewer and help me disable html tags if it isn't much trouble.

[Sly]

He already gave you the exact function that you need to use to prevent this from happening. You could at least copy and paste it yourself.

[Leprechaun Coder]

I know but like where do i put it inside my code, i tell you i am a giant noob with php, lol.

[Sly]

If you don't know where to put it inside "your" code, then it's not your code. In either case, it doesn't take a genius to figure out where to put it. Especially since it follows the exact same layout as the function that is already in the code, with a couple of extra functions on one line.

[Leprechaun Coder]

If you don't know where to put it inside "your" code, then it's not your code. In either case, it doesn't take a genius to figure out where to put it. Especially since it follows the exact same layout as the function that is already in the code, with a couple of extra functions on one line.

This code is open source, when i got it it wasnt' secure. You seem to be filled with knowledge. Can you help me?

[Sly]

You have the function in the original code. You have the function that Gaijin posted. Search for the function in your file, and replace it with what he posted. That's all it takes.

[Leprechaun Coder]

Thank you it worked. God you guys are php l33t. Ha