Jump to content

Recommended Posts

hi :) i'm not that good in php , could you plz help me to find a solution :) , i want to secure my eb page , but i can't login to the main menu even when i type the right name & passeword . help me plz ,  thank you :)

 

index.php: 

<?php 

/** 
* Page de connexion au site sécurisé 
* - Affiche le formulaire 
* - Le traite lorsqu'il est validé 
*/ 

//le formulaire est-il validé? 
$error = "<br><br>"; 

if( isset( $_POST['name'] ) && $_POST['name'] ) 


//la session est déjà initialisé? 
if( !isset($_SESSION) ) 

session_start(); 


// oui ! donc traitement du formulaire 
if( isset( $_POST['name'] ) && !empty( $_POST['name'] ) && ( isset( $_POST['password'] ) && !empty( $_POST['password'] ) ) ) 


/* Sécurisation des données */ { 
$name = htmlentities($_POST['name'], ENT_QUOTES); 
$password = htmlentities($_POST['password'], ENT_QUOTES); 


/* connexion au serveur */ { 
$host = "localhost" ; 
$user = "root" ; 
$password = "" ; 
$base = "user" ; 
mysql_connect($host, $user, $password) or die("erreur de connection à la base") ; // Connexion à MySQL 
mysql_select_db($base) or die("erreur de selection de la base") ; // Sélection de la base 


/* requètage pour vérifier l'existance de cet utilisateur */ { 
$query = sprintf("SELECT COUNT(name) AS 'count' FROM admin WHERE name='%s' AND password='%s'", 
mysql_real_escape_string($name), 
mysql_real_escape_string($password));
$request = mysql_query($query) or die("Erreur avec la requète : $query<br /> Motif : ".mysql_error()); 
$result = mysql_fetch_object($request); 


/* traitement du résultat */ { 
if(!$result->count) 
$error = "Mauvais name et/ou password!<br>"; 
else{ 
// c'est ici que la validation de l'utilisateur se fait! 

$_SESSION['name'] = $name; 
$error = "Merci de vous être identifié $name. , veuillez patienter "; 

header("Refresh: 3; URL= menu.php" );//rafraichissement de la page d'acceuil chaque 3s 








?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 

<html> 
<head> 

<!-- Basics --> 

<meta charset="utf-8"> 
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 

<title>Login</title> 

<!-- CSS --> 

<link rel="stylesheet" href="css/reset.css"> 
<link rel="stylesheet" href="css/animate.css"> 
<link rel="stylesheet" href="css/styles.css"> 

</head> 

<!-- Main HTML --> 

<body> 




<!-- Begin Page Content --> 
<div id="container"> 

<form name="login-form" method="POST" action="index.php" > 


<label for="name" name='name' onfocus="this.value=''">login:</label> 

<input type="name" name='name'> 

<label for="password" name='password' onfocus="this.value=''">password:</label> 

<p><a href="#">Forgot your password?</a> 

<input type="password" name='password'> 

<div id="lower"> 

<input type="checkbox"><label class="check" for="checkbox">Keep me logged in</label> 

<input type="submit" value="login" action="menu.php" name="login"> 

</div> 
<span> <?php echo $error; ?></span> 
</form> 

</div>

<!-- End Page Content --> 

</body> 

</html> 
_________________
menu.php: 

<?php 
//Sécurisation de la page 
require_once 'fonction.fct.php'; //importer le contenu 
getSecured(); 

?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 


<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<link rel="stylesheet" type="text/css" href="sty.css"> 

<script type="text/javascript" src="menu.js"></script> 

<!-- Ou copier le code ci-dessus dans les balises : --> 
<script type="text/javascript"> 
</script> 



</head> 
<body> 

<p> <?php echo " welcome {$_SESSION['name']} "; 
?> 
<p></div> 
<div align='left'> 
<ul id="menu" > 

<li> 
<a href="#">NetXMS</a> 
<ul> 
<li><a href="#">infrastructure</a></li> 
<li><a href="#">configuration</a></li> 
<li><a href="#">state nodes</a></li> 
<li><a href="#">syslog</a></li> 
</ul> 
</li> 

<li> 
<a href="#">RADIUS</a> 
<ul> 
<li><a href="#">accounting</a></li> 
<li><a href="#">authorization</a></li> 
<li><a href="#">authentication</a></li> 
<li><a href="#">configuration</a></li> 
</ul> 
</li> 

<li> 
<a href="#">supervisor</a> 
<ul> 
<li> 
<a href="#">add</a> 
<a href="#">modify</a> 
<a href="#">delete</a> 
</li> 
</ul> 
</li> 

<li> 
<a href="#">logout</a> 

</li> 



</ul> 
</div> 
</body> 
</html> 

<?php 


else // Le mot de passe n'est pas bon. 

// On affiche la zone de texte pour rentrer le mot de passe. 
?> 





<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> 
<head> 
<title>Visiteur inconnu</title> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 
<link rel="stylesheet" media="screen" type="text/css" title="suite" href="design_accueil.css" /> 
<!-- Lien vers la favicon --> 
<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico" height="48" width="48"/> 
</head> 

<body> 

<!-- Le corps --> 

<div id="corps"> 
<p>Veuillez vous identifier pour accéder au site :</p> 

<form action="index.php" method="post"> 
<p> 
<input type="submit" value="OK" /> 
</p> 
</form> 
</div> 

<!-- Le pied de page --> 

<div id="pied_de_page1"> 

</div> 

</body> 
</html> 






<?php 

} // Fin du else. 

// Fin du code. :) 
?> 

________ 
fonction.fct.php: 

<?php 

/** 
* Fonction getSecured() 
Vérifier si une personne est enregistré 


*/ 

function getSecured() 

//la session est déjà initialisé? 
if( !isset($_SESSION) ) 

session_start(); 

//La personne est-elle déjà enregistré? 
if( !isset($_SESSION['name']) ) 

require_once 'index.php'; 
exit(); 



?>

 

Link to comment
https://forums.phpfreaks.com/topic/276816-secure-web-page/
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.