
PHP adminlogin form is not working!!


by ashdemian » Mon Jun 11, 2012 3:09 pm

Hello,

I have created a script with an admin panel.
But now I have a problem with logging in to the admin panel.

The problem is:
When I want to log in to the admin panel using the default username and password as defined in the database, it says,
"Please enter currect Username and Password"
^^ I mentioned the problem briefly because I am giving the code that I made below:

administrator/index.php
Code:
<?php include('includes/general_header.php'); ?>
<?php
   // Log out: clear and destroy the session, then reload the login page
   if(isset($_REQUEST['action']) && $_REQUEST['action']=='logout'){
      session_unset();
      session_destroy();
      js_redirect($_SERVER['PHP_SELF']);
   }

   // loginshed.php redirects back with ?msg=error when the login check fails
   if(isset($_GET["msg"]) && $_GET["msg"]=="error")
   {
      $errorcode = "#D42F1F";
   }
   else
   {
      $errorcode = "";
   }

   // ?mg=session marks an expired login session
   if(isset($_GET["mg"]) && $_GET["mg"]=="session")
   {
      $val = "Your Login Session has been Expired, Please Re-Login with your valid username and password";
      $code = "#D42F1F";
   }
   else
   {
      $val = "";
   }
?>
<form name="login" action="loginshed.php" method="post" onsubmit="return validate2()">
<table border="0" cellpadding="2" cellspacing="2" width="100%">
    <tr>
        <td align="left" valign="top" colspan="2"><h1 style="text-transform:uppercase">administrator login</h1></td>
    </tr>
    <tr>
        <td align="left" valign="top" colspan="2" style="text-transform:uppercase">for the use of administrators only </td>
    </tr>
    <tr><td align="left" valign="top" colspan="2">&nbsp;</td></tr>
    <tr>
        <td align="left" valign="top" colspan="2" style="color:#888">Use a valid username and password to gain access to the administration console.</td>
    </tr>
   
    <tr>
        <td align="left" valign="top" class="labels"><label for="username">Username:</label></td>
        <td align="left" valign="top" class="rows"><input type="text" name="username" id="username" style="width:200px;" class="input" /></td>
    </tr>
    <tr>
        <td align="left" valign="top" class="labels"><label for="password">Password:</label></td>
        <td align="left" valign="top" class="rows"><input type="password" name="password" id="password" style="width:200px;" class="input"/></td>
    </tr>                           
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top"><button type="submit" name="btnsubmit" class="input" >Login</button>&nbsp;<button type="reset" class="input" >Reset</button></td>
    </tr>     
    <?php if(isset($_GET["logout"]) && $_GET["logout"]=="success") { ?>
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top" style="color:#009999">You have successfully logout</td>
    </tr> 
    <?php } ?>
   <?php if(isset($_GET["msg"]) && $_GET["msg"]=="sendpass") { ?>
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top" style="color:#009999">Your password has been send to your email address</td>
    </tr> 
    <?php } ?>
   <?php if($val!="") { ?>
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top" style="color:#D42F1F">Your Login Session has been Expired, Please Re-Login</td>
    </tr> 
   <?php } ?>
   <?php if($errorcode!="") { ?>
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top" style="color:#D42F1F">Please enter currect Username and Password</td>
    </tr> 
   <?php } ?>   
   <tr><td align="left" valign="top" colspan="2">&nbsp;</td></tr>
    <tr>
        <td align="left" valign="top">&nbsp;</td>
        <td align="left" valign="top"><a href="forgotpwd.php">Forgot Password?</a></td>
    </tr>     
</table>
</form>
<script language="javascript" type="text/javascript">
function validate2()
   {      
      if(document.getElementById('username').value=="")
      {
         alert('Username Should not be blank');
         document.getElementById('username').focus();
         return false;
      }
      else if(document.getElementById('password').value=="")
      {
         alert('Password should not be Blank');
         document.getElementById('password').focus();
         return false;
      }
      else
      {
          return true; // both fields are filled in: let the browser submit the form
      }
   }
</script>
<?php include('includes/general_footer.php'); ?>                   


administrator/loginshed.php
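Code:
<?php
   // config.php starts the session, opens the database connection and defines dbQuery()/dbNumRows()
   include('../settings/config.php');

   $username= $_POST["username"];
   $password= $_POST["password"];

   // Look for a row whose username and password both match the submitted values
   $sql="SELECT * FROM `adminlogin` WHERE `username`='".$username."' and `password`= '".$password."' ; ";
   $res=dbQuery($sql) or die(mysql_error().$sql);
   $rec=dbNumRows($res);
   if($rec > 0)
   {
      // Match: record the login time, remember the admin in the session, go to the home page
      $s = dbQuery("update `adminlogin` set `logintime`= '".$totaldate."' where `username`='".$username."' ; ");
      $_SESSION["adminlogin"]=$username;
      header("location: adminhome.php");
      exit; // stop the script once the redirect header is sent
   }
   else
   {
      // No match: back to the login form, which then shows the error message
      header("location: index.php?msg=error");
      exit;
   }
?>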


administrator/adminhome.php
Code:
<?php
include('includes/admin_header.php');
?>

<div style="margin-bottom:10px;">

    <h1 style="text-transform:uppercase">Welcome to the admin home page.</h1>

    <img src="media/line.png" />

</div>

<div style="padding-bottom:5px;">

Hello <?php echo htmlspecialchars($_SESSION["adminlogin"], ENT_QUOTES); ?>!&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;<?php if(isset($_GET["msg"]) && $_GET["msg"]=="passchange") { ?><span style="color:#00F">The action has been done successfully!</span><?php } ?>

<?php
include('includes/admin_footer.php');
?>


confiq.php
Code:
<?php
ob_start();
// start the session
session_start();

// show all errors in the page (development setting)
ini_set('display_errors', 'On');
error_reporting(E_ALL);

$offset=5*60*60; //converting 5 hours to seconds.10*60*60
$nowFormat="Y-m-d H:i:s";
$totaldate=gmdate($nowFormat, time()-$offset);

/*if(isset($_GET)) {
foreach($_GET as $gvar) {
$_GET[] = mysql_real_escape_string($gvar);
}
}*/

$setseclimithere = 96*60*60; /*[ hours * 60*60 ]*/
$EstimatedCampaigncost = '0.50';
$USAjobcost = '0.35';
$INTjobcost = '0.10';
$Highlightedjobcost = '1.00';
$Boldjobcost = '0.50';
$RecomendedJobfees = '0.15';
$MinJobpost = '20';
$SignUpbonus = '1.00';
$WithdrawDepositReferrallimit = '3';
$WithdrawFees = '5.0'; //%
$DepositFees = '2.5'; //%
$MinimumWithdraw = '10.00';
$ReferralFIRSTJobComplete = '0.10';
$ReferralBalanceReached = '10.00';
$ReferralBalanceReached10 = '1.50';
$FeePerCompletedJob = '5'; //%
$FeePerCompletedJobLESS11 = '10'; //%

$CONTACTUSMAILID = "[email protected]";
$super_admin_name="Saby B";
$super_admin_email="[email protected]";
$app_title="Admin Control Panel";
$app_url = "http://www.yourdomain.com/administrator/"; // keep the trailing slash
$date_format = "jS M Y";
$datetime_format = "jS M Y h:i A"; // "i" is minutes ("m" would print the month number)
$globalsitename="www.yourd.com";
$dateformat = 'dd/mm/yyyy';

//mail send details:
$URL='http://www.yourdomain.com/';
$fromName="yourdomain";
$SiteName="yourdomain.com";
$from = "[email protected]";

// database connection config
# for localhost
$dbHost = 'localhost';
$dbUser = 'usenamedb';
$dbPass = 'passworddb';
$dbName = 'dbname';

$dbConn = mysql_connect ($dbHost, $dbUser, $dbPass) or die ('MySQL connect failed. ' . mysql_error());
mysql_select_db($dbName) or die('Cannot select database. ' . mysql_error());

// Escape every submitted POST value in place, under its own key,
// so that $_POST["username"] etc. hold the escaped string
foreach($_POST as $pkey => $pvar) {
   if(is_string($pvar)) {
      $_POST[$pkey] = mysql_real_escape_string($pvar);
   }
}

function get_day_difference( $start,$end )
{
    $uts['start']      =    $start;
    $uts['end']        =    $end;
    if( $uts['start']!==-1 && $uts['end']!==-1 )
    {
        if( $uts['end'] >= $uts['start'] )
        {
            $diff    =    $uts['end'] - $uts['start'];
            if( $days=intval((floor($diff/86400))) )
                $diff = $diff % 86400;
            if( $hours=intval((floor($diff/3600))) )
                $diff = $diff % 3600;
            if( $minutes=intval((floor($diff/60))) )
                $diff = $diff % 60;
            $diff    =    intval( $diff );
            return( array('days'=>$days,'hours'=>$hours, 'minutes'=>$minutes, 'seconds'=>$diff) );
        }
        else
        {
            trigger_error( "Ending date/time is earlier than the start date/time", E_USER_WARNING );
        }
    }
    else
    {
        trigger_error( "Invalid date/time data detected", E_USER_WARNING );
    }
    return( false );
}

function get_sec_difference( $start,$end )
{
    $uts['start']      =    $start;
    $uts['end']        =    $end;
    if( $uts['start']!==-1 && $uts['end']!==-1 )
    {
        if( $uts['end'] >= $uts['start'] )
        {
            $diff    =    $uts['end'] - $uts['start'];
            return( array('seconds'=>$diff) );
        }
        else
        {
            trigger_error( "Ending date/time is earlier than the start date/time", E_USER_WARNING );
        }
    }
    else
    {
        trigger_error( "Invalid date/time data detected", E_USER_WARNING );
    }
    return( false );
}


function dbQuery($sql)
{
   //$sql = addslashes($sql);
   // $sql = htmlentities($sql);
   // $sql = mysql_real_escape_string($sql);

   $result = mysql_query($sql) or die(mysql_error().'<p><b>SQL:</b><br>'.$sql.'</p>');
   return $result;
}

function dbAffectedRows()
{
    global $dbConn;
    return mysql_affected_rows($dbConn);
}

function dbFetchArray($result, $resultType = MYSQL_NUM) {
    return mysql_fetch_array($result, $resultType);
}

function dbFetchAssoc($result)
{
    return mysql_fetch_assoc($result);
}

function dbFetchRow($result)
{
    return mysql_fetch_row($result);
}

function dbFreeResult($result)
{
    return mysql_free_result($result);
}

function dbNumRows($result)
{
    return mysql_num_rows($result);
}

function dbSelect($dbName)
{
    return mysql_select_db($dbName);
}

function dbInsertId()
{
    return mysql_insert_id();
}

function getTextAreaContent($text){
   // change all HTML special characters,
   // to prevent some nasty code injection
   $text = htmlspecialchars($text);
   // convert newline characters to HTML break tag ( <br> )
   $text = nl2br($text);
   return $text;
}

function get_single_value($table, $column, $where){
   $sql = "select `".$column."` from `".$table."` where ".$where;
   $result = dbQuery($sql);
   $obj = dbFetchAssoc($result);
   dbFreeResult($result);
   return stripslashes($obj[$column]);
}



function check_email_address($email) {
   // First, we check that there's one @ symbol, and that the lengths are right
   if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
      // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
      return false;
   }
   // Split it into sections to make life easier
   $email_array = explode("@", $email);
   $local_array = explode(".", $email_array[0]);
   for ($i = 0; $i < sizeof($local_array); $i++) {
      if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
         return false;
      }
   }
   if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
      $domain_array = explode(".", $email_array[1]);
      if (sizeof($domain_array) < 2) {
         return false; // Not enough parts to domain
      }
      for ($i = 0; $i < sizeof($domain_array); $i++) {
         if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
            return false;
         }
      }
   }
   return true;
}

function js_redirect($url) {
    echo "<script language=\"JavaScript\">\n";
    echo "<!-- hide from old browser\n\n";
    // json_encode() writes the URL as a quoted, escaped JavaScript string literal
    echo "window.location = " . json_encode($url) . ";\n";
    echo "-->\n";
    echo "</script>\n";
    return true;
}

function send_mail($message, $to, $subject){
   // for multiple recipients separate the email ids with a comma
   // [email protected], [email protected]

   // Always set content-type when sending HTML email
   $headers = "MIME-Version: 1.0" . "\r\n";
   $headers .= "Content-type:text/html" . "\r\n";

   // Additional headers
   $headers .= 'From: piplu <[email protected]>' . "\r\n";
   //$headers .= 'Bcc: [email protected]' . "\r\n";

   // Mail it
   return  mail($to, $subject, $message, $headers)?true:false;
}



function createRandom($number_of_digits=1,$type=3){
   /*
   type: 1 - numeric, 2 - letters, 3 - mixed.
   Usage Examples Below -

   $number = createRandom(10);
   echo $number;
   Output: 6Q1a8C1u9S

   echo createRandom(10,1);
   Output: 8754381046

   echo createRandom(10,2);
   Output: dNAoQYOtud

   echo createRandom();
   Output: 9
   */
    // Note: rand() is not a cryptographically secure generator
    $new_string = '';   // characters generated so far
    $r = '';            // most recently generated character
    for($x=0;$x<$number_of_digits;$x++){
        // draw again until the new character differs from the last one in the string
        while(substr($new_string,strlen($new_string)-1,strlen($new_string)) == $r){
            switch($type){
                case "1":
                $r = rand(0,9);
                break;

                case "2":
                $r = chr(rand(0,25)+65);
                break;

                case "3":
                // mixed: a letter follows a digit, a digit follows a letter
                if(is_numeric(substr($new_string,strlen($new_string)-1,strlen($new_string)))){
                    $n = rand(0,999);
                    if($n % 2){
                        $r = chr(rand(0,25)+65);
                    } else {
                        $r = strtolower(chr(rand(0,25)+65));
                    }
                } else {
                    $r = rand(0,9);
                }
                break;
            }
        }
        $new_string .= $r;
    }
    return $new_string;
}



/**************************
   Paging Functions
***************************/

function getPagingQuery($sql, $itemPerPage = 10)
{
   if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
      $page = (int)$_GET['page'];
   } else {
      $page = 1;
   }

   // start fetching from this row number
   $offset = ($page - 1) * $itemPerPage;

   return $sql . " LIMIT $offset, $itemPerPage";
}

/*
   Get the links to navigate between one result page to another.
   Supply a value for $strGet if the page url already contain some
   GET values for example if the original page url is like this :

   http://www.phpwebcommerce.com/plaincart/index.php?c=12

   use "c=12" as the value for $strGet. But if the url is like this :

   http://www.phpwebcommerce.com/plaincart/index.php

   then there's no need to set a value for $strGet
*/
function getPagingLink($sql, $itemPerPage = 10, $strGet = '')
{
   $result        = dbQuery($sql);
   $pagingLink    = '';
   $totalResults  = dbNumRows($result);
   $totalPages    = ceil($totalResults / $itemPerPage);

   // how many link pages to show
   $numLinks      = 10;

   // create the paging links only if we have more than one page of results
   if ($totalPages > 1) {

      // HTTP_HOST and PHP_SELF come from the request, so escape them before they go into href attributes
      $self = htmlspecialchars('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'], ENT_QUOTES);

      if (isset($_GET['page']) && (int)$_GET['page'] > 0) {
         $pageNumber = (int)$_GET['page'];
      } else {
         $pageNumber = 1;
      }

      // print 'previous' link only if we're not
      // on page one
      if ($pageNumber > 1) {
         $page = $pageNumber - 1;
         if ($page > 1) {
            $prev = " <a href=\"$self?page=$page&$strGet\">[Prev]</a> ";
         } else {
            $prev = " <a href=\"$self?$strGet\">[Prev]</a> ";
         }

         $first = " <a href=\"$self?$strGet\">[First]</a> ";
      } else {
         $prev  = ''; // we're on page one, don't show 'previous' link
         $first = ''; // nor 'first page' link
      }

      // print 'next' link only if we're not
      // on the last page
      if ($pageNumber < $totalPages) {
         $page = $pageNumber + 1;
         $next = " <a href=\"$self?page=$page&$strGet\">[Next]</a> ";
         $last = " <a href=\"$self?page=$totalPages&$strGet\">[Last]</a> ";
      } else {
         $next = ''; // we're on the last page, don't show 'next' link
         $last = ''; // nor 'last page' link
      }

      $start = $pageNumber - ($pageNumber % $numLinks) + 1;
      $end   = $start + $numLinks - 1;

      $end   = min($totalPages, $end);

      $pagingLink = array();
      for($page = $start; $page <= $end; $page++)   {
         if ($page == $pageNumber) {
            $pagingLink[] = " $page ";   // no need to create a link to current page
         } else {
            if ($page == 1) {
               $pagingLink[] = " <a href=\"$self?$strGet\">$page</a> ";
            } else {
               $pagingLink[] = " <a href=\"$self?page=$page&$strGet\">$page</a> ";
            }
         }
      }

      $pagingLink = implode(' | ', $pagingLink);

      // return the page navigation link
      $pagingLink = $first . $prev . $pagingLink . $next . $last;
   }

   return $pagingLink;
}

?>


These 4 PHP files are combined with functions and statements.
That's why I am giving the code of these 4 PHP files.

Now, please can anyone help me to know why I can't access the admin panel? Where's the problem?
ashdemian

  • Posts: 1
  • Joined: Mon Jun 11, 2012 2:50 pm
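
A login check for the `adminlogin` table written with a bound parameter and a hashed password, instead of concatenating `$_POST` values into the query text; this is an added example, not code from the original post. It assumes PDO is available and that the `password` column stores `password_hash()` output; the function name `check_admin_login` and the in-memory SQLite table are constructed for illustration.

```php
<?php
// Added example (not the poster's code). Assumptions: the `password` column
// holds password_hash() output, and the in-memory SQLite table below is
// constructed sample data standing in for the MySQL `adminlogin` table.

function check_admin_login(PDO $db, $username, $password)
{
    // The username travels as a bound parameter, never as part of the SQL text.
    $stmt = $db->prepare('SELECT password FROM adminlogin WHERE username = :u');
    $stmt->execute(array(':u' => $username));
    $hash = $stmt->fetchColumn();

    // An unknown user and a wrong password both return false, so the caller
    // can show one generic error message for either case.
    if ($hash === false || !password_verify($password, $hash)) {
        return false;
    }

    // Record the login time, again with bound parameters.
    $upd = $db->prepare('UPDATE adminlogin SET logintime = :t WHERE username = :u');
    $upd->execute(array(':t' => gmdate('Y-m-d H:i:s'), ':u' => $username));
    return true;
}

// Constructed sample table with one admin account
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE adminlogin (username TEXT PRIMARY KEY, password TEXT, logintime TEXT)');
$ins = $db->prepare('INSERT INTO adminlogin (username, password) VALUES (?, ?)');
$ins->execute(array('admin', password_hash('correct horse', PASSWORD_DEFAULT)));

// Constructed inputs: a valid login, a wrong password, and a username that
// contains a quote character, which is matched as a literal value.
$attempts = array(
    array('admin', 'correct horse'),
    array('admin', 'wrong'),
    array("o'brien", 'anything'),
);
foreach ($attempts as $a) {
    list($user, $pass) = $a;
    $ok = check_admin_login($db, $user, $pass);
    printf("%-10s => %s\n", $user, $ok ? 'accepted' : 'rejected');
}
```

In a handler such as `loginshed.php`, the accepted branch would call `session_regenerate_id(true)` before setting `$_SESSION["adminlogin"]`, and call `exit` after the `header()` redirect.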

Re: PHP adminlogin form is not working!!

by XainPro » Tue Aug 21, 2012 10:17 am

Maybe there is a redirect problem. Comment out all redirection and then check. Could you please also mention the link of your login page to check it out?
XainPro

  • Posts: 3662
  • Joined: Fri Feb 17, 2012 8:10 pm

