A developer was tasked with building a login/authentication system for a website. He creates a table, USER, that has the user-name and password stored in a database table. He then creates a web page that prompts the user to enter his user-id and password. On the server side, the developer takes the two pieces of information (user-id and password) and invokes the following query:
Select * from USER where user ='$username' and password='$password'
You are tasked with performing a peer review on this development. What two pieces of feedback would you give him, and how would you recommend addressing them?
The task is to develop a login/authentication system for a website.
The data table used is USER.
The usernames and passwords are stored in the table.
After the details are stored in the database, if the user enters the information in the login page, it's better to fetch the details based on the username and then check the password.
This can be done using the query SELECT * FROM USER WHERE username = "$username"
If the query is executed, the details of the particular user will be fetched from the database, like
{username:"username", password:"password"}
Now the password has to be checked against this fetched dictionary, so that there will be an idea whether the details really exist in the database or not.
Consider the first case (both are fetched):
While checking the details, suppose the password is incorrect; then it cannot be identified whether "the password is incorrect and the username exists" or "the details with that username don't exist in the database".
Consider the second case (only the username is fetched):
While checking, if the username doesn't exist in the database, a message can be displayed like "user doesn't exist", but if the password is incorrect, then a message can be displayed like "password is incorrect". This cannot be done in the first case.
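An added example, not part of the original question or answer: the fetch-by-username flow in Python with the standard-library sqlite3 and hashlib modules, passing the username as a bound parameter and storing a salted PBKDF2 hash instead of the password itself. The table layout, function names, iteration count and the sample account (a constructed username containing an apostrophe, which the string-interpolated query cannot handle) are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 200_000  # assumed work factor for this sketch


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def open_db():
    # In-memory stand-in for the page's USER table (assumed layout).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE user (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db


def register(db, username, password):
    salt = os.urandom(16)  # per-user random salt
    db.execute("INSERT INTO user VALUES (?, ?, ?)",
               (username, salt, hash_password(password, salt)))


def interpolation_breaks(db, username):
    # The page's pattern: the value is pasted into the SQL text, so a quote
    # character in the input changes the statement itself.
    try:
        db.execute(f"SELECT * FROM user WHERE username = '{username}'").fetchone()
        return False
    except sqlite3.OperationalError:
        return True


def login(db, username, password):
    # Bound parameter: the driver passes the value as data, never as SQL text.
    row = db.execute("SELECT salt, pw_hash FROM user WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False  # same result as a wrong password
    salt, stored = row
    return hmac.compare_digest(stored, hash_password(password, salt))


if __name__ == "__main__":
    db = open_db()
    register(db, "o'brien", "correct horse")  # constructed sample account
    print(interpolation_breaks(db, "o'brien"), login(db, "o'brien", "correct horse"))
```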