From 3b059adcf447647d4e958d3029982543ede74246 Mon Sep 17 00:00:00 2001
From: Kamran Zafar <kamranzafar4343@gmail.com>
Date: Mon, 9 Sep 2024 00:48:30 +0500
Subject: [PATCH] feat: "used sessions for security"

---
 Branches.php     |  15 ++++++
 Companies.php    |  13 ++++++
 CompanyInfo.php  |  21 ++++++---
 box.php          |  14 ++++++
 boxDelete.php    |  16 +++++++
 branchDelete.php |  16 +++++++
 branchUpdate.php |  14 ++++++
 create.php       |  16 +++++++
 createBox.php    |  15 ++++++
 createBranch.php |  14 ++++++
 createitem.php   |  17 +++++++
 delete.php       |  16 +++++++
 index.php        |  14 +++++-
 itemDelete.php   |  16 +++++++
 itemUpdate.php   |  15 ++++++
 logout.php       |  12 +++++
 pages-login.php  | 117 ++++++++++++++++++++++++-----------------------
 showItems.php    |  14 ++++++
 update.php       |  18 ++++++++
 19 files changed, 328 insertions(+), 65 deletions(-)

diff --git a/Branches.php b/Branches.php
index 0363a2e..bd13946 100644
--- a/Branches.php
+++ b/Branches.php
@@ -1,4 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 
 include 'db.php'; // Include the database connection
 
diff --git a/Companies.php b/Companies.php
index 2a5cdf1..059da15 100644
--- a/Companies.php
+++ b/Companies.php
@@ -1,6 +1,19 @@
 <?php
 // session_start(); // Start the session
+session_start();
 
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 include 'db.php'; // Include the database connection
 
 // // Check if the user is logged in
diff --git a/CompanyInfo.php b/CompanyInfo.php
index ff0df92..0412b56 100644
--- a/CompanyInfo.php
+++ b/CompanyInfo.php
@@ -1,12 +1,21 @@
 <?php
 // session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include 'db.php';
-// // Check if the user is logged in
-// if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true) {
-//     // User is not logged in, redirect to login page
-//     header("Location: pages-login.php");
-//     exit;
-// }
 
 $result = [];
 $company_data = null;
diff --git a/box.php b/box.php
index 0665ab8..7351bd5 100644
--- a/box.php
+++ b/box.php
@@ -1,5 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
 
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 include 'db.php'; // Include the database connection
 
 // Fetch box of the company
diff --git a/boxDelete.php b/boxDelete.php
index a8057b5..0d35860 100644
--- a/boxDelete.php
+++ b/boxDelete.php
@@ -1,4 +1,20 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include "db.php";
 
 if (isset($_GET['id'])) {
diff --git a/branchDelete.php b/branchDelete.php
index a8057b5..0d35860 100644
--- a/branchDelete.php
+++ b/branchDelete.php
@@ -1,4 +1,20 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include "db.php";
 
 if (isset($_GET['id'])) {
diff --git a/branchUpdate.php b/branchUpdate.php
index 04175be..343edc3 100644
--- a/branchUpdate.php
+++ b/branchUpdate.php
@@ -1,5 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
 
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 
   include "db.php";
 
diff --git a/create.php b/create.php
index 0870b90..3a132d3 100644
--- a/create.php
+++ b/create.php
@@ -1,4 +1,20 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include "db.php";
 
 if (isset($_POST['submit'])) {
diff --git a/createBox.php b/createBox.php
index f65c879..041597b 100644
--- a/createBox.php
+++ b/createBox.php
@@ -1,4 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 
 include "db.php";
 
diff --git a/createBranch.php b/createBranch.php
index aaf0fd1..edea48d 100644
--- a/createBranch.php
+++ b/createBranch.php
@@ -1,5 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
 
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 
 // Retrieve company ID from URL
 $company_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
diff --git a/createitem.php b/createitem.php
index ec52f7e..ed11463 100644
--- a/createitem.php
+++ b/createitem.php
@@ -1,4 +1,21 @@
 <?php
+
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 // Retrieve company ID from URL
 $branch = isset($_GET['id']) ? intval($_GET['id']) : 0;
 
diff --git a/delete.php b/delete.php
index d6cabdd..19a6988 100644
--- a/delete.php
+++ b/delete.php
@@ -1,5 +1,21 @@
 
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include "db.php";
 
 
diff --git a/index.php b/index.php
index 693f137..787e65c 100644
--- a/index.php
+++ b/index.php
@@ -1,6 +1,18 @@
 <?php
 // session_start(); // Start the session
-
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 include 'db.php';
 
 // // Check if the user is logged in
diff --git a/itemDelete.php b/itemDelete.php
index 3e57423..adf36be 100644
--- a/itemDelete.php
+++ b/itemDelete.php
@@ -1,4 +1,20 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+
 include "db.php";
 
 if (isset($_GET['id'])) {
diff --git a/itemUpdate.php b/itemUpdate.php
index 900b171..ef27139 100644
--- a/itemUpdate.php
+++ b/itemUpdate.php
@@ -1,4 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 
 include "db.php";
 
diff --git a/logout.php b/logout.php
index 093f51d..1e8edfb 100644
--- a/logout.php
+++ b/logout.php
@@ -1,4 +1,16 @@
+<?php
+session_start();
+
+// Unset all session variables
+$_SESSION = array();
 
+// Destroy the session
+session_destroy();
+
+// Redirect to login page
+header("Location: pages-login.php");
+exit();
+?>
 <!DOCTYPE html>
 <html lang="en">
 
diff --git a/pages-login.php b/pages-login.php
index 3f3fb62..51d0d1f 100644
--- a/pages-login.php
+++ b/pages-login.php
@@ -1,73 +1,74 @@
 <?php
-// session_start(); // Start the session at the beginning of the script
-require 'db.php';
-
-// // Assume you have validated the user's credentials here
-// $validUser = true; // This should be replaced with actual authentication logic
-
-// if ($validUser) {
-//     // Set session variables
-//     $_SESSION['loggedin'] = true;
-
-//     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
-//       // Assume the form field for company name is named 'company_name'
-//       if (isset($_POST['comp_name']) && !empty($_POST['comp_name'])) {
-//           // Assign the form input to a session variable
-//           $_SESSION['comp_name'] = $_POST['comp_name'];
-//       } else {
-//           // Handle the case where the input is not set or is empty
-//           echo "Please provide a company name.";
-//       }
-//   }
-
-//     // Redirect to the index page after successful login
-//     header("Location: index.php");
-//     exit;
-// } else {
-//     echo "Invalid login credentials.";
-// }
+session_start();
+include "db.php";
 
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 
-if(isset($_POST["submit"])){
-  $email= mysqli_real_escape_string($conn, $_POST["email"]);
-  $password=mysqli_real_escape_string($conn, $_POST["password"]);
-  
-  $result = mysqli_query($conn, "SELECT * FROM register WHERE email = '$email' ");
+    // Get the user input
+    $email = $_POST['email'];
+    $password = $_POST['password'];
 
-  $row= mysqli_fetch_assoc($result);
+    // Query to check if the username and password are correct
+    $result = $conn->query("SELECT * FROM register WHERE email='$email' AND password='$password'");
 
-  if(mysqli_num_rows($result) > 0){
-    if($password == $row["password"]){
-      $_SESSION["login"]=true;
-      $_SESSION["id"]= $row["id"];
-      header("Location: index.php");
-    }
-    else{
-      echo "<script> alert('Wrong password'); </script>";
+    // If a match is found, set the session
+    if ($result->num_rows > 0) {
+        $_SESSION['email'] = $email; // Set session variable
+        header("Location: index.php"); // Redirect to the dashboard or home page
+    } else {
+        echo "Invalid login!";
     }
 }
-else{
-  echo "<script> alert('User not registered'); </script>";
-}
-}
 
-// define variables and set to empty values
-$email = $password= "";
+// require 'db.php';
 
-if ($_SERVER["REQUEST_METHOD"] == "POST") {
-  $email = test_input($_POST["email"]);
-  $password = test_input($_POST["password"]);
-}
 
-function test_input($data) {
-  $data = trim($data);
-  $data = stripslashes($data);
-  $data = htmlspecialchars($data);
-  return $data;
-}
+// if(isset($_POST["submit"])){
+//   $email= mysqli_real_escape_string($conn, $_POST["email"]);
+//   $password=mysqli_real_escape_string($conn, $_POST["password"]);
+  
+//   $result = mysqli_query($conn, "SELECT * FROM register WHERE email = '$email' AND password='$password'");
+
+//   $row= mysqli_fetch_assoc($result);
+
+//   if(mysqli_num_rows($result) > 0){
+//     if($password == $row["password"]){
+//       $_SESSION["login"]=true;
+//       $_SESSION["id"]= $row["id"];
+//       header("Location: index.php");
+//     }
+//     else{
+//       echo "<script> alert('Wrong password'); </script>";
+//     }
+// }
+// else{
+//   echo "<script> alert('User not registered'); </script>";
+// }
+// }
+
+// // define variables and set to empty values
+// $email = $password= "";
+
+// if ($_SERVER["REQUEST_METHOD"] == "POST") {
+//   $email = test_input($_POST["email"]);
+//   $password = test_input($_POST["password"]);
+// }
+
+// function test_input($data) {
+//   $data = trim($data);
+//   $data = stripslashes($data);
+//   $data = htmlspecialchars($data);
+//   return $data;
+// }
+// //new code
+// <?php
+// Start the session
 
 ?>
 
+<!-- 
+?> -->
+
 <!DOCTYPE html>
 <html lang="en">
 
@@ -147,7 +148,7 @@ function test_input($data) {
                     <p class="text-center small">Enter your email & password</p>
                   </div>
 
-                  <form class="row g-3 needs-validation"  method="post" action="<?php echo htmlspecialchars ($_SERVER["PHP_SELF"]);?>">
+                  <form class="row g-3 needs-validation"  method="POST" action="">
 
                     <div class="col-12">
                       <label for="yourEmail" class="form-label">Your Email</label>
diff --git a/showItems.php b/showItems.php
index 490f423..cf4ff62 100644
--- a/showItems.php
+++ b/showItems.php
@@ -1,5 +1,19 @@
 <?php
+// session_start(); // Start the session
+session_start();
 
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
 include 'db.php'; // Include the database connection
 
 // Get company ID from query string
diff --git a/update.php b/update.php
index 8a39f8e..153384a 100644
--- a/update.php
+++ b/update.php
@@ -1,3 +1,21 @@
+<?php
+// session_start(); // Start the session
+session_start();
+
+session_regenerate_id(true); // This will regenerate the session ID and delete the old one
+ini_set('session.cookie_secure', '1'); // Only send cookies over HTTPS
+ini_set('session.cookie_httponly', '1'); // Prevent access to cookies via JavaScript (mitigates XSS)
+ini_set('session.cookie_samesite', 'Strict'); // Prevent CSRF attacks by restricting cross-site cookie sharing
+
+
+// Check if the user is logged in
+if (!isset($_SESSION['email'])) {
+    // If not logged in, redirect to login page
+    header("Location: pages-login.php");
+    exit();
+}
+?>
+
 <!DOCTYPE html>
 <html lang="en">