Jump to content

samowns

Members
  • Posts

    12
  • Joined

  • Last visited

samowns's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. I want to know that if i login as admin wel.php open and if i want to login as mod so mod.php open programs runs fine but when i login as admin or mod same session work i want different page scure
  2. <!DOCTYPE html> <html> <head> <style type="text/css" media="screen"> .ss { border-width: 1px; border-style:solid; width: 100px; height: 100px; </style> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title></title> <link rel="stylesheet" href=""> </head> <body> <form action="index.php" method="post"> <table align="center" class="ss"> <tr> <td>Name<input type="text" name="name"> </td> </tr> <tr> <td>Pass&nbsp:<input type="password" name="pass"> </td> </tr> <tr> <td>Email<input type="text" name="eml"> </td> <tr> <td><input type="submit" name="sb"> </td> </table> </form> </body> </html> <?php include "db.php"; session_start(); if(isset($_POST['sb'])) { $name=mysqli_real_escape_string($con, $_POST['eml']); $pass=mysqli_real_escape_string($con, $_POST['pass']); $usr=mysqli_real_escape_string($con,'user'); $std='std'; $type='admin'; $qer="select * from users where eml='$name' AND pass='$pass' AND type='$type'"; $sql=mysqli_query($con,$qer); $qer=" select * from users where eml='$name' AND pass='$pass' AND type='$std'"; $sql1=mysqli_query($con,$qer); $qer=" select * from users where eml='$name' AND pass='$pass' AND type='$usr'"; $sql3=mysqli_query($con,$qer); $fe=mysqli_fetch_array($sql); if(is_array($fe)) { $name=$name; $pass=$pass; { header("location:wel.php?msg=Scuessfull login"); } echo "Admin of this site"; } else if($fe=mysqli_fetch_array($sql1)){ if(is_array($fe)) $name=$name; $pass=$pass; echo "Moderator of the site"; { header("location:mod.php?msg=Scuessfull login"); } } else if($fe=mysqli_fetch_array($sql3)){ if(is_array($fe)) $name=$name; $pass=$pass; $_SESSION['eml'] =true; header("location:sim.php?msg=Scuessfull login"); echo "Simple user this site"; } else { echo "invalid pass"; } } ?>
  3. Hello guys am using mysql . login admin panel works fine .but when i use password=1' or '1' = '1 its also working some one please help me i want to safe admin panel here is my code if(isset($_POST['sb'])) { $result = mysql_query("SELECT * FROM admin WHERE eml='" . $_POST["eml"] . "' and pass= '". $_POST["pass"]."'"); $row = mysql_fetch_array($result); if(is_array($row)) { $_SESSION["eml"] = $row['eml']; hash($_SESSION["pass"] = $row['pass']; } else { $message = "<font color='#FF0000'>"."Invalid Username or Password!"."</font>"; } } if(isset($_SESSION["eml"])) { header("Location:./useradmin.php"); }
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.