seanstuart Posted January 2, 2008 Share Posted January 2, 2008 I try to login to admin, but when I submit form it just clears its self???? form code.... <?php include_once("../lib/config.php"); include_once(LIB_PATH."Admin.php"); /** * Set the variable, which holds the error message, to an empty variable. */ $error = ""; if($_SERVER['REQUEST_METHOD'] == "POST"){ /** * Sanitize the posted data - remove any html code, if submited, remove "whote" spaces, cast to "string" data type. */ $admin_username = Sanitize::data($_POST['admin_username'], 'string'); $admin_password = Sanitize::data($_POST['admin_password'], 'string'); if(empty($admin_username)){ $error = "Type your username, please!"; }elseif(empty($admin_password)){ $error = "Type your password, please!"; }else{ $admin_obj = new Admin(); if($admin_obj->login($admin_username, $admin_password, &$error)){ //the user is logged successfully, redirect him to the protected area header("location: index.php"); exit; } } } ?> <html> <head> <title>Admin area</title> <link href="../public/style/admin_styles.css" type="text/css" rel="stylesheet" /> </head> <body> <form method="post" action="login.php"> <table align="center" style="margin-top: 10%" class="base"> <tr> <td colspan="2" align="center" class="title">Admin Login Form</td> </tr> <tr> <td colspan="2" align="center" class="error"><?php echo $error; ?></td> </tr> <tr> <td>Username:</td> <td><input type="text" name="admin_username" size="25" value="<?php echo $admin_username; ?>" /></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="admin_password" size="25" /></td> </tr> <tr> <td> </td> <td><input type="submit" name="sb1" value="Submit" /></td> </tr> <tr> <td colspan="2" style="padding-top: 30px"> <a href="forgot_password.php" class="base_link">Forgot password?</a> </td> </tr> </table> </form> </body> </html> admin.php......... <?php include("config.php"); /** * This class is created to handle the admin user functionalities, such as login, forgot password, edit profile. * * @package Takeout&Delivery Module * @author Venelin Manchev * @link http://www.php-developers.net * @version 0.1 */ class Admin { /** * Admin Id number */ var $admin_id; /** * Admin username */ var $admin_username; /** * Admin password */ var $admin_password; /** * Admin email address */ var $admin_email; function Admin($id= 0){ /** * Get the database connection. */ global $db; if($id > 0){ /** * Build the SQL query to grab the admin user info and to set the object properties. */ $sql = "SELECT * from tdm_admin where admin_id = '$id' "; if(!$db->Query($sql)){ logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error()); return false; }else{ $admin_array = $db->RecordsArray(MYSQL_ASSOC); if(is_array($admin_array)){ if(count($admin_array) == 1){ foreach($admin_array['0'] as $key=>$value){ $this->$key = $value; } }else{ return false; } } } } } /** * Admin login functionality * * @param string $username Admin username value, posted via the login form. * @param string $password Admin password value, posted via the login form. * @param string &$error_message Error message on failure, passed by reference. * @return boolean True on success, False on failure. If true, a session variable admin_id will hold the admin id number value. */ function login($username, $password, &$error_message) { /** * Get the database connection */ global $db; $sql = "SELECT admin_id, admin_password from tdm_admin where admin_username = '$username' "; if(!$db->Query($sql)){ logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error()); return false; }else{ $db->MoveFirst(); $result_data = $db->Row(); if($result_data->admin_id > 0){ if($result_data->admin_password != md5($password)){ $error_message = "Wrong password!"; return false; }else{ $_SESSION['admin_id'] = $result_data->admin_id; return true; } }else{ $error_message = "Wrong username!"; return false; } } } /** * Admin logout functionality * * @return boolean True on successful logout, false otherwise. */ function logout() { session_unset("admin_id"); session_unregister("admin_id"); session_destroy(); } /** * Update an admin account * * @param int $admin_id Admin account id number to update. * @param string &$error Error message text, passed by reference. * @return boolean True on success, false otherwise. */ function updateAdmin($admin_id, &$error){ /** * Get the database connection */ global $db; /** * Validate the posted data. */ if(empty($this->admin_username)){ $error = "Type the username, please!"; return false; }elseif(empty($this->p1)){ $error = "Type the password, please!"; return false; }elseif(empty($this->p2)){ $error = "Confirm the password, please!"; return false; }elseif($this->p1 != $this->p2){ $error = "Retype and confirm the password, please!"; return false; }elseif(!checkEmailAddress($this->admin_email)){ $error = "Type a correct email address, please!"; return false; }else{ /** * Build the SQL query string. */ $sql = "UPDATE tdm_admin set admin_username = '$this->admin_username', admin_password = MD5('$this->p1'), admin_email = '$this->admin_email' "; if(!$db->Query($sql)){ $error = $db->Error(); return false; }else{ return true; } } } /** * Set a new value for object property. */ function setMember($name, $value) { $this->$name = $value; } /** * This method handle the forgot password process. * * The admin user must submit his username. In case of match, the system will generate a new password, will assign it as MD5-encripted hash to the admin account and will send an email to the admin email address with the new password. * *@param string $username Admin username value, submited via the forgot password form. *@param string &$error_message Error message text, passed by reference. *@return boolean True on success, false otherwise. */ function forgotPassword($username, &$error_message) { /** * Get the database connection. */ global $db; $sql = "select * from tdm_admin where admin_username = '$username' "; if(!$db->Query($sql)){ logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error()); }else{ $db->MoveFirst(); $result_data = $db->Row(); if($result_data->admin_id > 0){ //generate the new password $new_password = self::generatePassword(); //save the new password $sql = "update tdm_admin set admin_password = MD5('$new_password') where admin_id = '$result_data->admin_id' "; if(!$db->Query($sql)){ logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error()); }else{ //get the TXT template $txt_template = file_get_contents(EMAIL_TEMPLATES."admin_forgot.txt"); //setup the template variables $tpl_variables = array("{website}", "{username}", "{password}", "{login_url}"); //setup the template values $tpl_values = array(WEBSITE_DOMAIN, $username, $new_password, ADMIN_LOGIN_URL); //parse the template $txt_message = str_replace($tpl_variables, $tpl_values, $txt_template); //send the new password sendMime($_SESSION['settings']['contact_email'], $_SESSION['settings']['contact_email'], $result_data->admin_email, '', '', 3, 'New password', $txt_message, $html_message); return true; } }else{ $error_message = "Wrong username!"; return false; } } } /** * This method generate a new password. * * In case of forgotten password, we need a new one, geenrated on a random manier. * @access private * @return string New password string. */ function generatePassword() { //generate a random md5 hash $md5_hash = md5(crypt(time())); //the password should be no more than 6 chars in length $new_password = substr($md5_hash, 0, 6); return $new_password; } } ?> > Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/ Share on other sites More sharing options...
hitman6003 Posted January 2, 2008 Share Posted January 2, 2008 Try using a different method for detecting if the post has been submitted: if ($_POST['sb1'] == "Submit") { // Do your login stuff } Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/#findComment-428543 Share on other sites More sharing options...
drummer101 Posted January 2, 2008 Share Posted January 2, 2008 I would suggest isset Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/#findComment-428699 Share on other sites More sharing options...
seanstuart Posted January 3, 2008 Author Share Posted January 3, 2008 is this correct, as i get a blank screen..... if (isset($_POST['sb1'] == "submit")){ sean Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/#findComment-429336 Share on other sites More sharing options...
revraz Posted January 3, 2008 Share Posted January 3, 2008 One or the other.. if (isset($_POST['sb1'])){ if ($_POST['sb1'] == "submit"){ Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/#findComment-429337 Share on other sites More sharing options...
seanstuart Posted January 3, 2008 Author Share Posted January 3, 2008 if (isset($_POST['sb1'])){ form now displays, but still just clears input fields.... ??? Quote Link to comment https://forums.phpfreaks.com/topic/84158-admin-login-problem/#findComment-429352 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.