From becf2936284961490bf4536151c1cce75adea904 Mon Sep 17 00:00:00 2001
From: BodgeMaster <>
Date: Mon, 24 Feb 2020 04:15:21 +0100
Subject: [PATCH] added user agent string to session variable

---
 threadr/login/redirect.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/threadr/login/redirect.php b/threadr/login/redirect.php
index 983025a..051168c 100644
--- a/threadr/login/redirect.php
+++ b/threadr/login/redirect.php
@@ -1,19 +1,19 @@
 <?php
 session_start();
-$username = $_POST['username'];
-$password = $_POST['password'];
 
 $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
 $statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
-$result = $statement->execute(array('username' => $username));
+$result = $statement->execute(array('username' => $_POST['username']));
 if ($statement->rowCount() > 0) {
   //existing user name
   $dbentry = $statement->fetch();
   //chechk for correct password
-  if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $password . $dbentry['authentication_salt'])) {
+  if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $_POST['password'] . $dbentry['authentication_salt'])) {
     //password correct
     $_SESSION['user_id'] = $dbentry['id'];
-    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR']; //ip will be used to prevent session stealing
+    // IP and user agent string are used to prevent cheap session stealing
+    $_SESSION['user_ip'] = $_SERVER['REMOTE_ADDR'];
+    $_SESSION['user_http_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
     header("Location: https://lostcave.ddnss.de/common/threadr/userhome/");
   } else {
     //password inorrect