ktm250 Posted April 29, 2007

I bought a website written in PHP which uses mySQL. The site works fine, but the problem I am having is that I cannot access the admin area because the username and password do not work. The company I bought the site from has been trying to fix the problem for 3 days, but to no avail. I was wondering if any of you have an idea as to what the problem might be. They have tried to reset it, make a new one etc etc etc, but nothing works. Here's the code for the admin login.php file

    //require "../cron.php"; ?>
    <BR>
    <center><form method='post' action='loginck.php'>
    <table border='0' width='50%' cellspacing='0' cellpadding='0' >
    <tr id='cat'>
      <td bgcolor='#606096' align='center' colspan='2'><font face='verdana, arial, helvetica' size='4' color='#FFF788'> <b>ADMIN LOG IN HERE</b> </font></td></tr>
    <tr>
      <td bgcolor='#DFDFDF' ><font face='verdana, arial, helvetica' size='2' align='center'> Login ID </font></td>
      <td bgcolor='#DFDFDF' align='center'><font face='verdana, arial, helvetica' size='2' > <input type ='text' class='bginput' name='id'></font></td></tr>
    <tr>
      <td bgcolor='#F1F1F1' ><font face='verdana, arial, helvetica' size='2' align='center'> Password </font></td>
      <td bgcolor='#F1F1F1' align='center'><font face='verdana, arial, helvetica' size='2' > <input type ='text' class='bginput' name='pw'></font></td></tr>
    <tr>
      <td bgcolor='#DFDFDF' colspan='2' align='center'><font face='verdana, arial, helvetica' size='2' align='center'> <input type='submit' value='Submit'> <input type='reset' value='Reset'> </font></td> </tr>

Thanks,
Dean
trq Posted April 29, 2007

Nothing in that code but html. Can we see the contents of loginck.php? In normal circumstances I'd say just stick with the people who made the app, but by the sounds of it, they don't know what they are doing. How much did you pay for said application?
ktm250 Posted April 29, 2007 (Author)

Hi and thanks for the reply. I didn't pay too much, but the site works fine and the guy I bought it from seems to be stringing me along. The file you wanted to see, the loginck.php is as follows

    <? require "session.php"; ?>
    <!doctype html public "-//w3c//dtd html 3.2//en">
    <html><head><title>Login display</title>
    <meta name="GENERATOR" content="Arachnophilia 4.0">
    <meta name="FORMATTER" content="Arachnophilia 4.0">
    </head>
    <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">
    <?
    require "../include/z_db.php";
    require "../include/vars.php";
    //require "../$templates/top.php";
    include "../$templates/disp_functions.php";
    require "admin_menu.php";
    //echo "SELECT * FROM real_admin WHERE real_admin.adminid='$id' AND real_admin.adminpw = '$pw'";
    if($rec=mysql_fetch_array(mysql_query("SELECT * FROM real_admin WHERE real_admin.adminid='$id' AND real_admin.adminpw = '$pw'"))){
      if(($rec['adminid']==$id)&&($rec['adminpw']==$pw)){
        include "newsession.php";
        echo "<BR><BR><BR>";
        display_msg("WELCOME"," <center>Successfully,Logged in $session[userid]</center>","<a href='logout.php'> Log OUT </a>");
        if(isset($rd) AND strlen($rd)>5 AND ((stristr($rd,"create_subcat.php") ) OR (stristr($rd,"viewads.php")) OR (stristr($rd,"gen.php"))) ){
          print "<script>";
          //print " self.location='$rd';";
          print "</script>";
        }
      }
    } else {
      session_unset();
      display_err("Wrong Login. Use your correct Userid and Password and Try","<input type='button' value='Retry' onClick='history.go(-1)'>");
      exit;
    }
    ?>
    </body></html>

I also forgot to mention that I had his programmer move the site from one host to another. I moved it to lunarpages.com from his site

Dean
trq Posted April 29, 2007

Apart from the fact that it's not coded particularly well or in a very secure manner, there doesn't seem to be anything wrong with it (it is VERY poorly coded however). The passwords are stored in plain text so, if you have phpmyadmin, you should be able to log in and change the passwords yourself. However, I doubt that is the actual problem.

My guess. You no longer have register globals turned on on your server. Try adding this to the top of loginck.php.

    <?php
    $id = isset($_POST['id']) ? $_POST['id'] : '';
    $pw = isset($_POST['pw']) ? $_POST['pw'] : '';
    ?>

Honestly though, I wouldn't give you a dollar for this app if that code is any indication of its quality.
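A hardened form of the credential check discussed above, as an added example that is not part of either poster's code or of the application: it reads the fields from `$_POST`, binds the login ID through a PDO prepared statement, and assumes `adminpw` holds a `password_hash()` value instead of plain text. The function name `check_admin_login`, the in-memory SQLite database and the sample row are constructed for illustration; the table and column names come from the posted loginck.php.

```php
<?php
// Added example, not the application's code. Uses PDO with the SQLite driver
// so it runs offline; the real site would open a MySQL connection instead.
// Table and column names (real_admin, adminid, adminpw) are from the thread.

function check_admin_login(PDO $db, string $id, string $pw): bool
{
    // The placeholder keeps $id out of the SQL text, unlike the
    // string-interpolated query in loginck.php.
    $stmt = $db->prepare('SELECT adminpw FROM real_admin WHERE adminid = :id');
    $stmt->execute([':id' => $id]);
    $hash = $stmt->fetchColumn(); // false when no such admin exists

    // Assumption: adminpw stores a password_hash() value, not plain text.
    // Unknown users are verified against a dummy hash so both paths do
    // comparable work.
    static $dummy = null;
    $dummy = $dummy ?? password_hash('dummy', PASSWORD_DEFAULT);
    $ok = password_verify($pw, is_string($hash) ? $hash : $dummy);
    return $ok && is_string($hash);
}

// Constructed sample data: one admin row with a hashed password.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE real_admin (adminid TEXT PRIMARY KEY, adminpw TEXT)');
$ins = $db->prepare('INSERT INTO real_admin VALUES (?, ?)');
$ins->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Read the form fields explicitly rather than relying on register_globals.
// The fallback values exist only so the demo runs from the command line.
$id = is_string($_POST['id'] ?? null) ? $_POST['id'] : 'admin';
$pw = is_string($_POST['pw'] ?? null) ? $_POST['pw'] : 'correct horse';

var_dump(check_admin_login($db, $id, $pw));        // matching ID and password
var_dump(check_admin_login($db, "ad'min", 'x'));   // quote is bound as data
var_dump(check_admin_login($db, 'admin', 'wrong')); // wrong password
```

On a successful check, call `session_regenerate_id(true)` before marking the session as logged in, and change the form's password field to `type='password'`.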
ktm250 Posted April 29, 2007 (Author)

Ok, I will try this! Since it's written so poorly and the site will take Paypal and CCards, then what would you suggest for more protection?

Again, thanks
Dean