PHP adminlogin form is not working!!
Hello, I have created a script with an admin panel.
But now I have a problem logging in to the admin panel.
The problem is:
When I try to log in to the admin panel using the default username and password as defined in the database, it says,
"Please enter currect Username and Password"
^^ I described the problem briefly because I am giving the code I wrote below:
administrator/index.php
<?php include('includes/general_header.php'); ?>
<?php
if(isset($_REQUEST['action']) && $_REQUEST['action']=='logout]'){
session_unset();
session_destroy();
js_redirect($_SERVER['PHP_SELF']);
}
if(isset($_GET["msg"]) && $_GET["msg"]=="error")
{
$errorcode = "#D42F1F";
}
else
{
$errorcode="";
}
if(isset($_GET["mg"]) && $_GET["mg"]=="session")
{
$val = "Your Login Session has been Expired, Please Re-Login with your valid username and password";
$code = "#D42F1F";
}
else
{
$val = "";
}
?>
<form name="login" action="loginshed.php" method="post" onsubmit="return validate2()">
<table border="0" cellpadding="2" cellspacing="2" width="100%">
<tr>
<td align="left" valign="top" colspan="2"><h1 style="text-transform:uppercase">administrator login</h1></td>
</tr>
<tr>
<td align="left" valign="top" colspan="2" style="text-transform:uppercase">for the use of administrators only </td>
</tr>
<tr><td align="left" valign="top" colspan="2"> </td></tr>
<tr>
<td align="left" valign="top" colspan="2" style="color:#888">Use a valid username and password to gain access to the administration console.</td>
</tr>
<tr>
<td align="left" valign="top" class="labels"><label for="username">Username:</label></td>
<td align="left" valign="top" class="rows"><input type="text" name="username" id="username" style="width:200px;" class="input" /></td>
</tr>
<tr>
<td align="left" valign="top" class="labels"><label for="password">Password:</label></td>
<td align="left" valign="top" class="rows"><input type="password" name="password" id="password" style="width:200px;" class="input"/></td>
</tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"><button type="submit" name="btnsubmit" class="input" >Login</button> <button type="reset" class="input" >Reset</button></td>
</tr>
<?php if(isset($_GET["logout"]) && $_GET["logout"]=="success") { ?>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top" style="color:#009999">You have successfully logout</td>
</tr>
<?php } ?>
<?php if(isset($_GET["msg"]) && $_GET["msg"]=="sendpass") { ?>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top" style="color:#009999">Your password has been send to your email address</td>
</tr>
<?php } ?>
<?php if($val!="") { ?>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top" style="color:#D42F1F">Your Login Session has been Expired, Please Re-Login</td>
</tr>
<?php } ?>
<?php if($errorcode!="") { ?>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top" style="color:#D42F1F">Please enter currect Username and Password</td>
</tr>
<?php } ?>
<tr><td align="left" valign="top" colspan="2"> </td></tr>
<tr>
<td align="left" valign="top"> </td>
<td align="left" valign="top"><a href="forgotpwd.php">Forgot Password?</a></td>
</tr>
</table>
</form>
<script language="javascript" type="text/javascript">
function validate2()
{
if(document.getElementById('username').value=="")
{
alert('Username Should not be blank');
document.getElementById('username').focus();
return false;
}
else if(document.getElementById('password').value=="")
{
alert('Password should not be Blank');
document.getElementById('password').focus();
return false;
}
else
{
document.login.submit();
}
}
</script>
<?php include('includes/general_footer.php'); ?>
administrator/loginshed.php
<?php
include('../settings/config.php');
$username= $_POST["username"];
$password= $_POST["password"];
$sql="SELECT * FROM `adminlogin` WHERE `username`='".$username."' and `password`= '".$password."' ; ";
$res=dbQuery($sql) or die(mysql_error().$sql);
$rec=dbNumRows($res);
if($rec > 0)
{
$s = dbQuery("update `adminlogin` set `logintime`= '".$totaldate."' where `username`='".$username."' ; ");
$_SESSION["adminlogin"]=$username;
header("location: adminhome.php");
}
else
{
header("location: index.php?msg=error");
}
?>
administrator/adminhome.php
<?php
include('includes/admin_header.php');
?>
<div style="margin-bottom:10px;">
<h1 style="text-transform:uppercase">Welcome to the admin home page.</h1>
<img src="media/line.png" />
</div>
<div style="padding-bottom:5px;">
Hello <?php echo $_SESSION["adminlogin"]; ?>! <?php if(isset($_GET["msg"]) && $_GET["msg"]=="passchange") { ?><span style="color:#00F">The action has been done successfully!</span><?php } ?>
<?php
include('includes/admin_footer.php');
?>
confiq.php
<?php
ob_start();
session_start();
// start the session
ini_set('display_errors', 'On');
error_reporting(E_ALL);
$offset=5*60*60; //converting 5 hours to seconds.10*60*60
$nowFormat="Y-m-d H:i:s";
$totaldate=gmdate($nowFormat, time()-$offset);
/*if(isset($_GET)) {
foreach($_GET as $gvar) {
$_GET[] = mysql_real_escape_string($gvar);
}
}*/
$setseclimithere = 96*60*60; /*[ hours * 60*60 ]*/
$EstimatedCampaigncost = '0.50';
$USAjobcost = '0.35';
$INTjobcost = '0.10';
$Highlightedjobcost = '1.00';
$Boldjobcost = '0.50';
$RecomendedJobfees = '0.15';
$MinJobpost = '20';
$SignUpbonus = '1.00';
$WithdrawDepositReferrallimit = '3';
$WithdrawFees = '5.0'; //%
$DepositFees = '2.5'; //%
$MinimumWithdraw = '10.00';
$ReferralFIRSTJobComplete = '0.10';
$ReferralBalanceReached = '10.00';
$ReferralBalanceReached10 = '1.50';
$FeePerCompletedJob = '5'; //%
$FeePerCompletedJobLESS11 = '10'; //%
$CONTACTUSMAILID = "info@info.com";
$super_admin_name="Saby B";
$super_admin_email="info@info.com";
$app_title="Admin Control Panel";
$app_url = "http://www.yourdomain.com/administrator/"; // keep the trailing slash
$date_format = "jS M Y";
$datetime_format = "jS M Y h:m A";
$globalsitename="www.yourd.com";
$dateformat = 'dd/mm/yyyy';
//mail send deatils:
$URL='http://www.yourdomain.com/';
$fromName="yourdomain";
$SiteName="yourdomain.com";
$from = "info@yourdomain.com";
// database connection config
# for localhost
$dbHost = 'localhost';
$dbUser = 'usenamedb';
$dbPass = 'passworddb';
$dbName = 'dbname';
$dbConn = mysql_connect ($dbHost, $dbUser, $dbPass) or die ('MySQL connect failed. ' . mysql_error());
mysql_select_db($dbName) or die('Cannot select database. ' . mysql_error());
if(isset($_POST)) {
foreach($_POST as $pvar) {
$_POST[] = mysql_real_escape_string($pvar);
}
}
function get_day_difference( $start,$end )
{
$uts['start'] = $start;
$uts['end'] = $end;
if( $uts['start']!==-1 && $uts['end']!==-1 )
{
if( $uts['end'] >= $uts['start'] )
{
$diff = $uts['end'] - $uts['start'];
if( $days=intval((floor($diff/86400))) )
$diff = $diff % 86400;
if( $hours=intval((floor($diff/3600))) )
$diff = $diff % 3600;
if( $minutes=intval((floor($diff/60))) )
$diff = $diff % 60;
$diff = intval( $diff );
return( array('days'=>$days,'hours'=>$hours, 'minutes'=>$minutes, 'seconds'=>$diff) );
}
else
{
trigger_error( "Ending date/time is earlier than the start date/time", E_USER_WARNING );
}
}
else
{
trigger_error( "Invalid date/time data detected", E_USER_WARNING );
}
return( false );
}
function get_sec_difference( $start,$end )
{
$uts['start'] = $start;
$uts['end'] = $end;
if( $uts['start']!==-1 && $uts['end']!==-1 )
{
if( $uts['end'] >= $uts['start'] )
{
$diff = $uts['end'] - $uts['start'];
return( array('seconds'=>$diff) );
}
else
{
trigger_error( "Ending date/time is earlier than the start date/time", E_USER_WARNING );
}
}
else
{
trigger_error( "Invalid date/time data detected", E_USER_WARNING );
}
return( false );
}
function dbQuery($sql)
{
//$sql = addslashes($sql);
// $sql = htmlentities($sql);
// $sql = mysql_real_escape_string($sql);
$result = mysql_query($sql) or die(mysql_error().'<p><b>SQL:</b><br>'.$sql.'</p>');
return $result;
}
function dbAffectedRows()
{
global $dbConn;
return mysql_affected_rows($dbConn);
}
function dbFetchArray($result, $resultType = MYSQL_NUM) {
return mysql_fetch_array($result, $resultType);
}
function dbFetchAssoc($result)
{
return mysql_fetch_assoc($result);
}
function dbFetchRow($result)
{
return mysql_fetch_row($result);
}
function dbFreeResult($result)
{
return mysql_free_result($result);
}
function dbNumRows($result)
{
return mysql_num_rows($result);
}
function dbSelect($dbName)
{
return mysql_select_db($dbName);
}
function dbInsertId()
{
return mysql_insert_id();
}
function getTextAreaContent($text){
// change all HTML special characters,
// to prevent some nasty code injection
$text = htmlspecialchars($text);
// convert newline characters to HTML break tag ( <br> )
$text = nl2br($text);
return $text;
}
function get_single_value($table, $column, $where){
$sql = "select `".$column."` from `".$table."` where ".$where;
$result = dbQuery($sql);
$obj = dbFetchAssoc($result);
dbFreeResult($result);
return stripslashes($obj[$column]);
}
function check_email_address($email) {
// First, we check that there's one @ symbol, and that the lengths are right
if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
return false;
}
// Split it into sections to make life easier
$email_array = explode("@", $email);
$local_array = explode(".", $email_array[0]);
for ($i = 0; $i < sizeof($local_array); $i++) {
if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
return false;
}
}
if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false; // Not enough parts to domain
}
for ($i = 0; $i < sizeof($domain_array); $i++) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
return false;
}
}
}
return true;
}
function js_redirect($url) {
echo "<script language=\"JavaScript\">\n";
echo "<!-- hide from old browser\n\n";
echo "window.location = \"" . $url . "\";\n";
echo "-->\n";
echo "</script>\n";
return true;
}
function send_mail($message, $to, $subject){
// for multiple recipients separate the email ids with a comma
// aidan@example.com, wez@example.com
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html" . "\r\n";
// Additional headers
$headers .= 'From: piplu <piplu@piplu.com>' . "\r\n";
//$headers .= 'Bcc: mukherjiikunal@gmail.com' . "\r\n";
// Mail it
return mail($to, $subject, $message, $headers)?true:false;
}
function createRandom($number_of_digits=1,$type=3){
/*
type: 1 - numeric, 2 - letters, 3 - mixed.
Usage Examples Below -
$number = createRandom(10);
echo $number;
Output: 6Q1a8C1u9S
echo createRandom(10,1);
Output: 8754381046
echo createRandom(10,2);
Output: dNAoQYOtud
echo createRandom();
Output: 9
*/
for($x=0;$x<$number_of_digits;$x++){
while(substr($num,strlen($num)-1,strlen($num)) == $r){
switch($type){
case "1":
$r = rand(0,9);
break;
case "2":
$r = chr(rand(0,25)+65);
break;
case "3":
if(is_numeric(substr($num,strlen($num)-1,strlen($num)))){
$n = rand(0,999);
if($n % 2){
$r = chr(rand(0,25)+65);
} else {
$r = strtolower(chr(rand(0,25)+65));
}
} else {
$r = rand(0,9);
}
break;
}
}
$new_string .= $r;
}
return $new_string;
}
/**************************
Paging Functions
***************************/
function getPagingQuery($sql, $itemPerPage = 10)
{
if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
$page = (int)$_GET['page'];
} else {
$page = 1;
}
// start fetching from this row number
$offset = ($page - 1) * $itemPerPage;
return $sql . " LIMIT $offset, $itemPerPage";
}
/*
Get the links to navigate between one result page to another.
Supply a value for $strGet if the page url already contain some
GET values for example if the original page url is like this :
http://www.phpwebcommerce.com/plaincart/index.php?c=12
use "c=12" as the value for $strGet. But if the url is like this :
http://www.phpwebcommerce.com/plaincart/index.php
then there's no need to set a value for $strGet
*/
function getPagingLink($sql, $itemPerPage = 10, $strGet = '')
{
$result = dbQuery($sql);
$pagingLink = '';
$totalResults = dbNumRows($result);
$totalPages = ceil($totalResults / $itemPerPage);
// how many link pages to show
$numLinks = 10;
// create the paging links only if we have more than one page of results
if ($totalPages > 1) {
$self = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ;
if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
$pageNumber = (int)$_GET['page'];
} else {
$pageNumber = 1;
}
// print 'previous' link only if we're not
// on page one
if ($pageNumber > 1) {
$page = $pageNumber - 1;
if ($page > 1) {
$prev = " <a href=\"$self?page=$page&$strGet/\">[Prev]</a> ";
} else {
$prev = " <a href=\"$self?$strGet\">[Prev]</a> ";
}
$first = " <a href=\"$self?$strGet\">[First]</a> ";
} else {
$prev = ''; // we're on page one, don't show 'previous' link
$first = ''; // nor 'first page' link
}
// print 'next' link only if we're not
// on the last page
if ($pageNumber < $totalPages) {
$page = $pageNumber + 1;
$next = " <a href=\"$self?page=$page&$strGet\">[Next]</a> ";
$last = " <a href=\"$self?page=$totalPages&$strGet\">[Last]</a> ";
} else {
$next = ''; // we're on the last page, don't show 'next' link
$last = ''; // nor 'last page' link
}
$start = $pageNumber - ($pageNumber % $numLinks) + 1;
$end = $start + $numLinks - 1;
$end = min($totalPages, $end);
$pagingLink = array();
for($page = $start; $page <= $end; $page++) {
if ($page == $pageNumber) {
$pagingLink[] = " $page "; // no need to create a link to current page
} else {
if ($page == 1) {
$pagingLink[] = " <a href=\"$self?$strGet\">$page</a> ";
} else {
$pagingLink[] = " <a href=\"$self?page=$page&$strGet\">$page</a> ";
}
}
}
$pagingLink = implode(' | ', $pagingLink);
// return the page navigation link
$pagingLink = $first . $prev . $pagingLink . $next . $last;
}
return $pagingLink;
}
?>
These 4 PHP files are combined with functions and statements.
That's why I am giving the code of these 4 PHP files.
Now, please can anyone help me find out why I can't access the admin panel? Where's the problem?
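The lookup in loginshed.php builds its SQL from raw $_POST values, and the escaping loop in the config file does not change the named keys that script reads. The following is an added example, not part of the original post, showing both points; it assumes the pdo_sqlite extension, a hypothetical admin_login() helper, and a password column that holds password_hash() output.

```php
<?php
// Added example. Constructed data; in-memory SQLite stands in for the MySQL table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE adminlogin (username TEXT PRIMARY KEY, password TEXT, logintime TEXT)');
$db->prepare('INSERT INTO adminlogin (username, password) VALUES (?, ?)')
   ->execute(['admin', password_hash('constructed-demo-password', PASSWORD_DEFAULT)]);

// 1) The sanitising loop from the posted config file, run on a copy of $_POST.
//    addslashes() stands in for mysql_real_escape_string(), which PHP 7 removed.
//    The escaped copies land under new numeric keys; $post['username'], the key
//    the login script reads, keeps its raw value.
$post = ['username' => "ad'min", 'password' => 'x'];   // constructed input
foreach ($post as $pvar) {
    $post[] = addslashes($pvar);
}
var_dump($post['username'] === "ad'min", array_keys($post));

// 2) Hypothetical replacement for the lookup in loginshed.php: bound parameters
//    and a stored password_hash() value instead of a plaintext comparison in SQL.
function admin_login(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT password FROM adminlogin WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    if (!is_string($hash) || !password_verify($password, $hash)) {
        return false;   // same result for unknown user and wrong password
    }
    $db->prepare('UPDATE adminlogin SET logintime = ? WHERE username = ?')
       ->execute([gmdate('Y-m-d H:i:s'), $username]);
    // In the web script: session_regenerate_id(true); then set
    // $_SESSION['adminlogin'], send the Location header and exit.
    return true;
}

var_dump(admin_login($db, 'admin', 'constructed-demo-password')); // valid login
var_dump(admin_login($db, 'admin', 'wrong-password'));            // bad password
var_dump(admin_login($db, "ad'min", 'x'));                        // quote is plain data
```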
Re: PHP adminlogin form is not working!!
Maybe there is a redirect problem. Comment out all redirection and then check. Could you please also mention the link of your login page to check it out?