Login.php:
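<?php
/*
 * Admin login entry point.
 *
 * Paths, in order:
 *   1. the session is already flagged as admin -> redirect to index.php;
 *   2. "remember me" cookies are present       -> re-check them against pcp_users;
 *   3. the form was posted (?s=1)              -> validate and authenticate;
 *   4. otherwise                               -> fall through to the login form markup.
 *
 * escape_data() and $level are not defined in this file; presumably they come from
 * conf.inc.php -- confirm that escape_data() escapes for the active MySQL connection.
 *
 * NOTE(security): queries are still built by string interpolation on the legacy mysql_*
 * API (removed in PHP 7). Every request-derived value must pass through escape_data()
 * until the connection code is migrated to prepared statements (PDO or mysqli).
 * NOTE(security): no attempt throttling or lockout is visible in this file.
 */
session_start();
include("../incs/conf.inc.php");

if (isset($_SESSION['admin']) && $_SESSION['admin'] == 1) {
    // The user is already logged in.
    header("Location: index.php");
    exit(); // header() only queues the redirect; stop so nothing else runs.
} elseif (!empty($_COOKIE['user']) && !empty($_COOKIE['pass'])) {
    // "Remember me" auto-login.
    // NOTE(security): the 'pass' cookie carries the stored MD5 hash itself, so the hash is
    // password-equivalent: whoever holds it can log in without knowing the password.
    // Replacing it with a random, server-side, revocable token needs a schema change and
    // is therefore only flagged here.
    $r = false;
    if (is_string($_COOKIE['user']) && is_string($_COOKIE['pass'])) {
        // Cookies are client-controlled: escape them before they reach the SQL text,
        // with the same helper the form path uses for the username.
        $user = escape_data($_COOKIE['user']);
        $pass = escape_data($_COOKIE['pass']);
        $admin = $level['admin'];
        $q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
        // mysql_query() returns false on failure; treat that as "no match".
        if ($q !== false && mysql_num_rows($q) == 1) {
            $r = mysql_fetch_array($q);
        }
    }
    if ($r) {
        $ip = $_SERVER["REMOTE_ADDR"];
        $date = "" . date('l dS \of F Y h:i:s A') . " EST";
        mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
        // Fresh session id at the privilege change, so an id issued before login
        // cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['admin'] = 1;
        $_SESSION['user'] = $r['username'];
        header("Location: index.php");
        exit();
    }
    // Cookies did not match a row: expire them and send the user back to the form.
    setcookie("user", "", time()-3600);
    setcookie("pass", "", time()-3600);
    header("Location: login.php");
    exit();
} else {
    if (isset($_GET['s']) && $_GET['s'] == 1) {
        // Non-string input (e.g. user[]=x) is treated as missing.
        $postedUser = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : "";
        $postedPass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : "";
        if ($postedUser == "") {
            header("Location: login.php?e=1");
            exit();
        } elseif ($postedPass == "") {
            header("Location: login.php?e=2");
            exit();
        } else {
            // Vars
            // NOTE(security): MD5 is a fast, unsalted hash, not encryption. It is kept
            // because the stored values depend on it; moving to password_hash() /
            // password_verify() needs a data migration.
            $pass = md5($postedPass);
            $user = escape_data($postedUser);
            $admin = $level['admin'];
            $rem = isset($_POST['rem']) ? $_POST['rem'] : "";
            $ip = $_SERVER["REMOTE_ADDR"];
            $date = "" . date('l dS \of F Y h:i:s A') . " EST";
            //MySQL Query
            $q = mysql_query("SELECT * FROM `pcp_users` WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
            if ($q !== false && mysql_num_rows($q) == 1) { // Username and password match exactly one row.
                $r = mysql_fetch_array($q);
                if ($rem != "") {
                    // Cookie names are quoted: the bare words user/pass were undefined
                    // constants. HttpOnly (PHP >= 5.2) keeps page scripts from reading
                    // the values; set the secure flag as well if the panel runs on HTTPS.
                    setcookie("user", $r['username'], 0, "", "", false, true);
                    setcookie("pass", $r['password'], 0, "", "", false, true);
                }
                mysql_query("UPDATE `pcp_users` SET ip = '$ip', date = '$date' WHERE password = '$pass' AND username = '$user' AND level <= '$admin'");
                session_regenerate_id(true); // see the cookie path: new id on login
                $_SESSION['admin'] = 1;
                $_SESSION['user'] = $r['username'];
                header("Location: index.php");
                exit();
            } else {
                // Same code for an unknown user and a wrong password.
                header("Location: login.php?e=4");
                exit();
            }
        }
    } else {
?>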
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
<script type="text/javascript" src="incs/tip.js"></script>
<style type="text/css">
body {
background-repeat: repeat-x;
background-image: url(images/login_bg.gif);
}
table {
font-size: 12px;
font-family: verdana, arial, sans-serif;
}
</style>
</head>
<body class="login">
<div align="center">
<table border="0" width="237" cellspacing="0" cellpadding="0" style="margin-top: 88px;">
<tr>
<td>
<img border="0" src="images/login_logo.gif" width="237" height="87"></td>
</tr>
<tr>
<td height="5">
<img border="0" src="images/login_top_bar.gif" width="237" height="5"></td>
</tr>
<tr valign="middle">
<form action="login.php?s=1" method="post">
<td background="images/login_bg2.gif" height="32">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="102">
<tr>
<td rowspan="5" width="10"> </td>
<td colspan="3" height="12"></td>
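<td rowspan="5" width="16" valign="top"><?php
// Status tooltip for the login form, selected by the ?e= code that login.php itself
// puts on its redirects. The request value is used only as a lookup key and is never
// echoed, so no request data reaches the markup.
$loginNotices = array(
    1 => '<strong class=red>Error:</strong> You need to enter a username.',
    2 => '<strong class=red>Error:</strong> You need to enter a password.',
    3 => '<strong class=red>Error:</strong> You need to enter something other than the default username/password.',
    4 => '<strong class=red>Error:</strong> Incorrect username/password.',
    5 => '<strong class=green>Success:</strong> You have been logged out.',
);
// A missing or non-string ?e= selects nothing instead of raising an undefined-index notice.
$noticeCode = (isset($_GET['e']) && is_string($_GET['e'])) ? $_GET['e'] : '';
if (isset($loginNotices[$noticeCode])) {
    echo "<img src=\"images/info.gif\" style=\"margin-right: 5px;\" width=\"11\" height=\"11\" alt=\"\" onMouseover=\"ddrivetip('" . $loginNotices[$noticeCode] . "', 300)\"; onMouseout=\"hideddrivetip()\" />";
}?>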
</td>
</tr>
<tr height="20">
<td>Username:</td>
<td width="5"> </td>
<td><input name="user" class="login" size="18" /></td>
</tr>
<tr height="18">
<td colspan="3"></td>
</tr>
<tr height="20">
<td>Password:</td>
<td> </td>
<td><input name="pass" type="password" class="login" size="18" /></td>
</tr>
<tr height="30">
<td colspan="3" align="left">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="30">
<tr valign="middle">
<td>
<label style="margin-top: 0;">Remember Me:</label> <input style="margin-top: 0;" name="rem" type="checkbox"></td>
<td align="right"><p class="submit"><input value="" type="submit"></p></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</form>
</tr>
<tr>
<td height="5">
<img border="0" src="images/login_btm_bar.gif" width="237" height="5"></td>
</tr>
</table>
</div>
</body>
</html>
<?
}
}
?>
Index.php:
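<?php
/*
 * Admin panel shell. Renders the page only when the session carries the admin flag
 * that login.php sets; everyone else is redirected to the login form.
 *
 * NOTE(review): this guard protects only requests that come through index.php.
 * Confirm that the files under pages/ cannot be requested directly, or that each of
 * them repeats the check.
 */
session_start();
include ('../incs/conf.inc.php');
if (!isset($_SESSION['admin']) || $_SESSION['admin'] != 1) {
    header("Location: login.php");
    exit(); // stop here: header() alone does not end the request
} else {
?>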
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="US-EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252" />
<title>Test</title>
<link rel="stylesheet" type="text/css" href="incs/admin.css" />
<script type="text/javascript" src="incs/tip.js"></script>
<style type="text/css">
body {
background-color: #FFFFFF;
}
table {
font-size: 12px;
font-family: verdana, arial, sans-serif;
}
.side,a {
color: #FFFFFF;
text-decoration: none;
}
div.pure {
width: 400px;
font-size: 12px;
font-family: verdana, arial, sans-serif;
height: 20px;
text-align: left;
position: absolute;
margin-left: 10px;
margin-top: 540px;
}
</style>
</head>
<body>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td background="images/admin_header.gif" height="52"> </td>
</tr>
<tr>
<td height="100%" align="center">
<table border="0" width="850" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2" background="images/admin_nav.gif" height="35" class="side" style="text-align: center; letter-spacing:2pt">
<div style="margin-left: 15px;"><a href="index.php">Home</a> | Modules | Pages | Users | Look & Feel | Support | <a href="logout.php">Logout</a></div>
</td>
</tr>
<tr>
<td width="193">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
<tr style="text-align: left;">
<td background="images/admin_side_top.gif" height="33">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%" class="side">
<tr>
<td width="15"> </td>
<td style="font-weight: bold; font-size:10px">
www.pure-cp.com</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<img border="0" src="images/admin_side_sep.gif" width="193" height="10"></td>
</tr>
<tr>
<td background="images/admin_side_body.gif" height="397" valign="top">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="29" background="images/admin_side_bg2.gif" class="side">
<tr>
<td width="15"> </td>
<td style="text-align: left" height="29">- Home</td>
</tr>
<tr>
<td width="15"> </td>
<td style="text-align: left" height="29">- News</td>
</tr>
<tr>
<td width="15"> </td>
<td style="text-align: left" height="29">- Help</td>
</tr>
<tr>
<td width="15"> </td>
<td style="text-align: left" height="29">-
Support</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<img border="0" src="images/admin_side_btm.gif" width="193" height="4"></td>
</tr>
</table>
</td>
<td background="images/admin_bg.gif" valign="top" height="100%">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="100%">
<tr>
<td height="440" valign="top" style="text-align: left;">
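<?php
// Page router: includes pages/<name>.inc.php for ?p=<name>, or the main page.
//
// $_GET['p'] used to be concatenated into the include path unchecked, so a request could
// steer include() to a file outside pages/ (path traversal / local file inclusion).
// Only a bare page name is accepted now; anything else falls back to the main page.
// NOTE(review): if legitimate pages use other characters or subdirectories, replace
// the pattern with an explicit allowlist of page names.
$pageName = 'main';
if (isset($_GET['p']) && is_string($_GET['p']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET['p'])) {
    $pageName = $_GET['p'];
}
include("pages/" . $pageName . ".inc.php");
?>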
</td>
</tr>
<tr>
<td>
<img border="0" src="images/admin_main_btm.gif" width="657" height="4"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="100%" align="center">
Test</td>
</tr>
</table>
</body>
</html>
<?
}
?>