Jump to content

admin login problem

seanstuart

By seanstuart
in PHP Coding Help

Recommended Posts

seanstuart Newbie

seanstuart

Posted
Posted

I try to login to admin, but when I submit form it just clears its self????

form code....

<?php
include_once("../lib/config.php");
include_once(LIB_PATH."Admin.php");

/**
* Set the variable, which holds the error message, to an empty variable.
*/
$error = "";

if($_SERVER['REQUEST_METHOD'] == "POST"){

/**
 * Sanitize the posted data - remove any html code, if submited, remove "whote" spaces, cast to "string" data type.
 */
$admin_username = Sanitize::data($_POST['admin_username'], 'string');
$admin_password = Sanitize::data($_POST['admin_password'], 'string');

if(empty($admin_username)){
	$error = "Type your username, please!";
}elseif(empty($admin_password)){
	$error = "Type your password, please!";
}else{
	$admin_obj = new Admin();

	if($admin_obj->login($admin_username, $admin_password, &$error)){
		//the user is logged successfully, redirect him to the protected area
		header("location: index.php");
		exit;
	}
}
}

?>

<html>
<head>
<title>Admin area</title>
<link href="../public/style/admin_styles.css" type="text/css" rel="stylesheet" />  
</head>
<body>

<form method="post" action="login.php">
<table align="center" style="margin-top: 10%" class="base">

<tr>
<td colspan="2" align="center" class="title">Admin Login Form</td>
</tr>

<tr>
<td colspan="2" align="center" class="error"><?php echo $error; ?></td>
</tr>

<tr>
<td>Username:</td>
<td><input type="text" name="admin_username" size="25" value="<?php echo $admin_username; ?>" /></td>
</tr>

<tr>
<td>Password:</td>
<td><input type="password" name="admin_password" size="25" /></td>
</tr>

<tr>
<td> </td>
<td><input type="submit" name="sb1" value="Submit" /></td>
</tr>

<tr>
<td colspan="2" style="padding-top: 30px">
	<a href="forgot_password.php" class="base_link">Forgot password?</a>
</td>
</tr>

</table>

</form>
</body>
</html>

 

admin.php.........

 

<?php
include("config.php");
/**
* This class is created to handle the admin user functionalities, such as login, forgot password, edit profile.
* 
* @package Takeout&Delivery Module
* @author Venelin Manchev
* @link http://www.php-developers.net
* @version 0.1
*/

class Admin {

/**
 * Admin Id number
 */
var $admin_id;

/**
 * Admin username
 */
var $admin_username;

/**
 * Admin password
 */
var $admin_password;

/**
 * Admin email address
 */
var $admin_email;


function Admin($id= 0){

	/**
 	* Get the database connection.
 	*/
	global $db;

	if($id > 0){
		/**
		 * Build the SQL query to grab the admin user info and to set the object properties.
		 */			
		$sql = "SELECT * from tdm_admin where admin_id = '$id' ";

		if(!$db->Query($sql)){
			logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error());
			return false;
		}else{
			$admin_array = $db->RecordsArray(MYSQL_ASSOC);

			if(is_array($admin_array)){
				if(count($admin_array) == 1){
					foreach($admin_array['0'] as $key=>$value){
						$this->$key = $value;
					}
				}else{
					return false;
				}
			}
		}
	}
}

/**
 * Admin login functionality
 * 
 * @param string $username	Admin username value, posted via the login form.
 * @param string $password	Admin password value, posted via the login form.
 * @param string &$error_message		Error message on failure, passed by reference.
 * @return boolean	True on success, False on failure. If true, a session variable admin_id will hold the admin id number value. 
 */
function login($username, $password, &$error_message) {

	/**
	 * Get the database connection
	 */
	global $db;

	$sql = "SELECT admin_id, admin_password from tdm_admin where admin_username = '$username' ";

	if(!$db->Query($sql)){
		logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error());
		return false;
	}else{
		$db->MoveFirst();
		$result_data = $db->Row();

		if($result_data->admin_id > 0){
			if($result_data->admin_password != md5($password)){
				$error_message = "Wrong password!";
				return false;
			}else{
				$_SESSION['admin_id'] = $result_data->admin_id;
				return true;
			}
		}else{
			$error_message = "Wrong username!";
			return false;
		}

	}
}

/**
 * Admin logout functionality
 * 
 * @return boolean True on successful logout, false otherwise.
 */
function logout() {
	session_unset("admin_id");
	session_unregister("admin_id");
	session_destroy();
}

/**
 * Update an admin account
 * 
 * @param int $admin_id Admin account id number to update.
 * @param string &$error Error message text, passed by reference.
 * @return boolean True on success, false otherwise.
 */
function updateAdmin($admin_id, &$error){

	/**
	 * Get the database connection
	 */
	global $db;

	/**
	 * Validate the posted data.
	 */
	if(empty($this->admin_username)){
		$error = "Type the username, please!";
		return false;
	}elseif(empty($this->p1)){
		$error = "Type the password, please!";
		return false;			
	}elseif(empty($this->p2)){
		$error = "Confirm the password, please!";
		return false;			
	}elseif($this->p1 != $this->p2){
		$error = "Retype and confirm the password, please!";
		return false;			
	}elseif(!checkEmailAddress($this->admin_email)){
		$error = "Type a correct email address, please!";
		return false;
	}else{

		/**
		 * Build the SQL query string.
		 */
		$sql = "UPDATE tdm_admin set
							admin_username = '$this->admin_username',
							admin_password = MD5('$this->p1'),
							admin_email = '$this->admin_email' ";

		if(!$db->Query($sql)){
			$error = $db->Error();
			return false;
		}else{
			return true;
		}
	}
}

/**
 * Set a new value for object property.
 */
function setMember($name, $value) {
	$this->$name = $value;
}	

/**
 * This method handle the forgot password process.
 * 
 * The admin user must submit his username. In case of match, the system will generate a new password, will assign it as MD5-encripted hash to the admin account and will send an email to the admin email address with the new password.
 * 
 *@param string $username Admin username value, submited via the forgot password form.
 *@param string &$error_message	Error message text, passed by reference.
 *@return boolean True on success, false otherwise.
 */
function forgotPassword($username, &$error_message) {

	/**
	 * Get the database connection.
	 */
	global $db;

	$sql = "select * from tdm_admin where admin_username = '$username' ";

	if(!$db->Query($sql)){
		logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error());
	}else{
		$db->MoveFirst();
		$result_data = $db->Row();

		if($result_data->admin_id > 0){

			//generate the new password
			$new_password = self::generatePassword();

			//save the new password
			$sql = "update tdm_admin set admin_password = MD5('$new_password') where admin_id = '$result_data->admin_id' ";

			if(!$db->Query($sql)){
				logMyErrors(__FILE__, __CLASS__, __METHOD__, __LINE__, $db->Error());
			}else{

				//get the TXT template
				$txt_template = file_get_contents(EMAIL_TEMPLATES."admin_forgot.txt");

				//setup the template variables
				$tpl_variables = array("{website}", "{username}", "{password}", "{login_url}");

				//setup the template values
				$tpl_values = array(WEBSITE_DOMAIN, $username, $new_password, ADMIN_LOGIN_URL);

				//parse the template
				$txt_message = str_replace($tpl_variables, $tpl_values, $txt_template);

				//send the new password
				sendMime($_SESSION['settings']['contact_email'], 
						 $_SESSION['settings']['contact_email'], 
						 $result_data->admin_email,
						 '',
						 '',
						 3,
						 'New password',
						 $txt_message,
						 $html_message);		

				return true;
			}

		}else{
			$error_message = "Wrong username!";
			return false;
		}			
	}
}

/**
 * This method generate a new password.
 * 
 * In case of forgotten password, we need a new one, geenrated on a random manier.
 * @access private
 * @return string New password string.
 */
function generatePassword() {

	//generate a random md5 hash
	$md5_hash = md5(crypt(time()));

	//the password should be no more than 6 chars in length
	$new_password = substr($md5_hash, 0, 6);

	return $new_password;
}
}

?>

 

>:( >:(

 

Link to comment
https://forums.phpfreaks.com/topic/84158-admin-login-problem/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.