arunkr Posted November 29, 2010 Share Posted November 29, 2010 <?php session_start( ); include_once( dirname( __FILE__ )."/../inc/func/get_sth.php" ); include_once( _ABSPATH_."/inc/func/header.php" ); if ( $_GET["f"] == "login" ) { $adminuser = strtolower( strip_tags( trim( $_POST["adminuser"] ) ) ); $r_0 = strtolower( strip_tags( trim( $_SESSION["r"] ) ) ); $r_1 = strtolower( strip_tags( trim( $_POST["r"] ) ) ); if ( $r_0 == $r_1 ) { $result = mysql_query( "SELECT password FROM admin where adminuser='".$adminuser."'" ); $val = mysql_fetch_array( $result ); if ( !$val["password"] ) { $loginfail = 1; } else { if ( $val[password] === md5( $_POST["password"] ) ) { $_SESSION['admin'] = $adminuser; header( "Location: ./" ); exit( ); } $loginfail = 1; } } else { $loginfail = 2; } } $page_title = l( "Administration Login" )." | ".get_sitename( ); $smarty->assign( "page_title", $page_title ); $smarty->assign( "loginfail", $loginfail ); $smarty->display( "mgt/login.tpl" ); ?> Quote Link to comment Share on other sites More sharing options...
arunkr Posted November 29, 2010 Author Share Posted November 29, 2010 Login.tpl <form id="form1" name="form1" method="post" action="?f=login"> <table width="100%" border="0" cellspacing="5"> <tr> <td width="45%" height="50" align="right" valign="bottom">{l t='Admin User'}</td> <td valign="bottom"><label> <input type="text" name="adminuser" id="adminuser" value="{$smarty.post.adminuser}" /> </label></td> </tr> <tr> <td width="45%" height="40" align="right" valign="bottom">{l t='Password'}</td> <td valign="bottom"><input type="password" name="password" id="password" value="{$smarty.post.password}"/></td> </tr> <tr> <td height="41" align="right" valign="bottom">{l t='Secure Code'}</td> <td valign="bottom"><input type="input" name="r" id="r" style="width:50px;" /> <img src="auth_img.php" /></td> </tr> <tr> <td></td> <td><div style="float:left; margin:0 auto;background-color:#FF9; color:red; font-weight:bold; display:{if $loginfail!=1}none{/if}">Invalid Username or Password! </div> <div style="float:left; margin:0 auto;background-color:#FF9; color:red; font-weight:bold; display:{if $loginfail!=2}none{/if}">Invalid Secure Code! </div></td> </tr> <tr> <td height="80" colspan="2" align="center" valign="center"><label> <input type="submit" name="button" id="button" value=" {l t='Log in'} " /> </label></td> </tr> </table> </form> Quote Link to comment Share on other sites More sharing options...
Rifts Posted November 29, 2010 Share Posted November 29, 2010 do you have a database set up? also if you have access to these files dont you have access to the admin login Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.