Beispiel #1
 /**
  * The login page handler.
  * 
  * @access public
  * @return string The HTML code.
  */
 public function login()
 {
     // Clear any error left over from an earlier render before looking at this request.
     $this->getView()->set('Error', null);

     // Both fields are tested for truthiness, so an empty value -- and, if Request::get()
     // returns raw strings, the literal "0" -- is treated as "nothing submitted".
     if (Request::get('login') && Request::get('password')) {
         $authenticator = new Admin();
         $outcome = $authenticator->login(Request::get('login'), Request::get('password'));

         if ($outcome === false) {
             // One generic message is shown whichever of the two fields was wrong.
             $this->getView()->set('Error', 'Wrong password');
         } else {
             // Only a strict false counts as failure: null, 0 or '' from Admin::login()
             // would land here. NOTE(review): confirm login() cannot return those on a
             // failed attempt, and that halt() really ends the request.
             $this->halt();
         }
     }

     return $this->getView()->render();
 }
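 /**
  * Processes the admin login form POST and redirects to the index or back to the login page.
  *
  * Reads $_POST['login'] and $_POST['password'], hashes the password with hashpassword()
  * and passes both to Admin::login(). On success the role, the logged-in flag and the
  * admin id are stored through Session; on failure an error message is left in $_SESSION.
  *
  * @return void
  */
 public function run()
 {
     // Absent or non-string fields (e.g. password[]=x) are normalised to '' so they fail
     // authentication cleanly instead of raising notices or reaching the hash helper as arrays.
     $email = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
     $plainPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

     // NOTE(review): the 'md5' argument suggests an MD5-based keyed digest. A fast digest is
     // a poor fit for password storage; moving to password_hash()/password_verify() needs a
     // re-hash-on-login migration because the stored values would change. Confirm what
     // hashpassword() actually computes before touching this.
     $password = hashpassword('md5', $plainPassword, HASH_PASSWORD_KEY);
     $admin = Admin::login($email, $password);

     if ($admin) {
         Session::init();
         // NOTE(review): no session-id rotation is visible here; confirm Session::init()
         // regenerates the id on login, otherwise a pre-login id stays valid (session fixation).
         Session::set('role', $admin->admin_role);
         Session::set('loggedIn', true);
         Session::set('admin_id', $admin->admin_id);
         header('location: ../index');
     } else {
         // Same message for an unknown user and a wrong password, so the response does not
         // reveal which accounts exist.
         $_SESSION['adminmessage'] = "Username or Password is wrong.";
         header('location: ../login');
     }
     // header() does not stop execution: the caller must not emit protected output after
     // run() returns.
 }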
Beispiel #3
        <!-- Collect the nav links, forms, and other content for toggling -->
        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
          <ul class="nav navbar-nav">
            <li><a href="../bio.php"><span class="glyphicon glyphicon-leaf"></span> A propos</a></li>
          </ul>
        </div><!-- /.navbar-collapse -->
      </div><!-- /.container-fluid -->
    </nav>
	  	<div id="container" class="container">
  	  	<h1>admin</h1>
        <?php 
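// Build the admin helper and hand it the current session object.
// NOTE(review): display() runs before the login attempt below, so whatever it outputs is
// based on the session state from before this request's login -- confirm that is intended.
$admin = new Admin();
$admin->display($session);
// Attempt a login only when the submit button AND both credential fields were posted.
// Checking the button alone would read 'pseudo' and 'password' unguarded.
if (isset($_POST['login'], $_POST['pseudo'], $_POST['password'])) {
    // NOTE(review): the return value of login() is ignored here; success or failure must be
    // recorded inside Admin (or the session) for it to have any effect -- verify.
    $admin->login($_POST['pseudo'], $_POST['password']);
}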
?>
       
        <?php 
// NOTE(review): nothing in this excerpt checks that the requester is logged in, or that the
// form carried a CSRF token, before these two write operations run -- confirm that
// $admin->display() or earlier code enforces both.

// Picture caption edit.
if (isset($_POST['modifier'])) {
    $pictureTitle = $_POST['titre'];
    $pictureSubtitle = $_POST['soustitre'];
    $pictureId = $_POST['id'];
    // Values are forwarded exactly as posted; updatePics() is responsible for binding them
    // safely into its query (not visible here).
    $admin->updatePics($pictureTitle, $pictureSubtitle, $pictureId);
}

// Gallery caption edit.
if (isset($_POST['galmodifier'])) {
    $galleryTitle = $_POST['galtitre'];
    // The session copy is HTML-escaped at storage time; the raw title still goes to
    // updateGals(), so the stored and the remembered values can differ.
    $_SESSION['gallery'] = htmlspecialchars($galleryTitle, ENT_QUOTES);
    $admin->updateGals($galleryTitle, $_POST['galsoustitre'], $_POST['galid']);
}
?>
  	  	</div>

<?php

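// Handle a submitted username/password pair: call Admin::login() and, when it returns a
// mysql result resource, copy the first column of each row into $load_result_a[1].
// Non-string fields (e.g. uname[]=x) are ignored, like empty ones.
// NOTE(review): the mysql_* extension was removed in PHP 7, so this block only runs on
// PHP 5 (or with a compatibility shim).
if (
    isset($_POST['uname'], $_POST['pwd'])
    && is_string($_POST['uname']) && is_string($_POST['pwd'])
    && $_POST['uname'] !== "" && $_POST['pwd'] !== ""
) {
    $msg_1 = null;
    $load_result_a[] = null;
    $uname = $_POST['uname'];
    $pwd = $_POST['pwd'];
    // NOTE(review): both values reach Admin::login() exactly as posted. How it builds its
    // query is not visible here -- confirm it escapes or binds them, and how the password
    // is compared.
    $ret_1 = Admin::login($uname, $pwd);
    // The username is request data, so it is escaped before being written into the page.
    // This echo (and the "1" below) looks like leftover debug output.
    echo htmlspecialchars($uname, ENT_QUOTES);
    $res_type = is_resource($ret_1) ? get_resource_type($ret_1) : gettype($ret_1);
    if (strpos($res_type, 'mysql') === false) {
        // Anything that is not a mysql resource (false, null, ...) is reported, not iterated.
        $msg_1 = 'Invalid resource type: ' . $res_type;
    } else {
        $total_row_1 = mysql_num_rows($ret_1);
        if ($total_row_1 > 0) {
            while ($rows_1 = mysql_fetch_row($ret_1)) {
                // First column of the row; the original comment calls it the user name.
                $load_result_a[1] = $rows_1[0];
                echo "1";
            }
        } else {
            $msg_1 = "No record Found!";
        }
        mysql_free_result($ret_1);
    }
}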
Beispiel #5
            <p>Enter the admin password to login.</p>
        </div>
    </div>
</header>

<div id="main">
    <div class="centre">
        <form action="" method="post">
            <div class="form-row">
                <label for="login-password">Password</label>
                <input type="password" name="login-password" autofocus required/>
            </div>

            <div class="form-row">
                <input type="submit" name="login-submit" value="Login"/>
            </div>
        </form>

        <?php 
require_once 'php/Admin.php';
// Act only when the submit button was part of the POST.
if (!empty($_POST['login-submit'])) {
    // empty() also treats the literal password "0" as missing.
    if (empty($_POST['login-password'])) {
        echo '<p class="error">Please enter a password.</p>';
    } else {
        // Whatever Admin::login() returns is written into the page unescaped.
        // NOTE(review): confirm it only ever returns fixed markup and never includes
        // request data; also confirm the form is protected against CSRF and repeated guessing.
        $response = Admin::login($_POST['login-password']);
        echo $response;
    }
}
?>
    </div>
</div>
Beispiel #6
<?php

// Admin login entry script: starts buffering and the session, loads configuration and the
// Admin class, then processes the login form when it was submitted.
ob_start();
session_start();
require_once "../lib/config.inc.php";
require_once "../lib/classes/Admin.php";
$adminObj = new Admin();
// $commonObj is not created in this file; presumably config.inc.php defines it -- TODO confirm.
$commonObj->clearCache();
// The hidden/marker field frmSubmit must be exactly "yes" (loose comparison) for a login attempt.
if (isset($_POST["frmSubmit"]) && $_POST["frmSubmit"] == "yes") {
    // 'username' and 'password' are read without isset(); a request that carries only
    // frmSubmit raises undefined-index notices here.
    $username = $commonObj->praseData($_POST["username"]);
    // NOTE(review): the password is filtered by praseData() and then hashed with a single
    // sha1() call; no salt is visible at this call site. Anything praseData() changes in
    // the input also changes the hash. A fast unsalted digest is weak for password storage;
    // password_hash()/password_verify() would need a migration of stored values.
    $password = sha1($commonObj->praseData($_POST["password"]));
    // The return value is not used here; login() itself must set session state or redirect.
    $adminObj->login($username, $password);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php 
echo ucfirst(SITE_ADMIN_TITLE);
?>
</title>

<link href="css/style.css" rel="stylesheet" type="text/css" />
<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico" /><script src="lib/js/jquery.js" language="javascript"></script>
<script src="lib/js/common.js" language="javascript"></script>
<script>
function validateFrm(obj) {
var errArr =  new Array();
	errArr[errArr.length] ="<strong>Error: Following is missing:</strong>" ;
Beispiel #7
                    $next = $pid + 1;
                    echo " <a href='?page=" . $_GET['page'] . '&amp;action=' . $_GET['action'] . '&amp;do=' . $_GET['do'] . "&amp;page-id={$next}'>&gt;</a> ";
                    echo " ";
                    echo " <a href='?page=" . $_GET['page'] . '&amp;action=' . $_GET['action'] . '&amp;do=' . $_GET['do'] . "&amp;page-id={$lastPage}'>&gt;&gt;</a>";
                }
                echo ' </div>';
                break;
        }
    }
} else {
    echo '<h1>Admin Panel</h1>';
    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        if (empty($_POST['username']) || empty($_POST['password'])) {
            echo '<p id="response" class="notification red">Please fill in all the fields.</p>';
        } else {
            if ($admin->login($_POST['username'], $_POST['password'])) {
                echo '<p id="response" class="notification green">You have successfully logged in. Please wait until the page reloads.</p>';
                $loggedIn = true;
                $log->addLog($_SESSION['loggedIn']['id'], "Logged in.");
                redirect("", "3");
            } else {
                echo '<p id="response" class="notification red">The user / password combination was incorrect. Please try again.</p>';
            }
        }
    }
    if ($loggedIn !== true) {
        ?>
	<form class="styled" action="" method="post">
		<label>Username</label>
	
		<input type="text" name="username" value="" />
Beispiel #8
<?php

require '../config.php';
// Run the login only when both fields are present in the POST body.
if (isset($_POST['admin_username'], $_POST['admin_password'])) {
    // Each field is HTML-encoded and then stripped of single quotes.
    // NOTE(review): this is output encoding applied to input. It is not a substitute for
    // bound query parameters inside Admin::login(), and it alters the password before
    // hashing. Whether htmlspecialchars() encodes single quotes by default depends on the
    // PHP version, so the resulting hash for passwords containing quotes may differ across
    // PHP upgrades.
    $admin_username = str_replace("'", "", htmlspecialchars($_POST['admin_username']));
    // NOTE(review): a single unsalted md5() is weak for password storage; switching to
    // password_hash()/password_verify() requires migrating the stored values.
    $admin_password = md5(str_replace("'", "", htmlspecialchars($_POST['admin_password'])));

    $admin = Admin::login($admin_username, $admin_password);
    if (!$admin) {
        echo "Neposotjeci korisnik <br>";
        echo "<a href='index.php'>Pokusajte ponovo</a>";
    } else {
        // No session state is set in this script before the redirect; Admin::login() must
        // do that for the target page to know who is logged in -- verify. header() does
        // not end the script, so anything below still executes.
        header("location: ../visnjica/home.php");
    }
}
/*    
$admins = Admin::get($_SESSION['admin_id']);
        //print_r($admins);
        foreach ($admins as $a){ 
           echo $a[0];
        }
        
        $curdate = new DateTime('l');
        $curdate = $curdate->format('d M Y');
        $admin = new Admin();
        $admin->admin_id = $a[0];
        $admin->admin_last_seen = $curdate;
?>

<h2>Logg inn som administrator</h2>
<div id="feilmelding"></div>
<?php 
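// Tracks whether this request ended with a successful admin login; the form below is
// only shown while it is false.
$innlogget = false;
// Username: sjefen
// Password: svaktpassord
// NOTE(review): a username/password pair is written in the comment above. If it matches a
// real account, remove it from the source and rotate the password.
if (isset($_POST['knapp'])) {
    // Missing fields count as empty: same "fill in both fields" outcome, without
    // undefined-index notices.
    $bnavn = isset($_POST['bnavn']) ? $_POST['bnavn'] : '';
    $pord = isset($_POST['pord']) ? $_POST['pord'] : '';
    $admin = new Admin();
    if ($bnavn == "" || $pord == "") {
        echo "<p class=\"feilmelding\">Fyll ut begge feltene</p>";
    } else {
        if (!$admin->login($bnavn, $pord)) {
            // One message for unknown user and wrong password alike.
            echo "<p class=\"feilmelding\">Feil kombinasjon av brukernavn og passord</p>";
        } else {
            $innlogget = true;
            // NOTE(review): the whole Admin object is serialized into the session. Check
            // that it does not carry the plaintext password, and that the session id is
            // regenerated on login (not visible here).
            $_SESSION['admin'] = serialize($admin);
            // The username is request data, so it is escaped before being written into the
            // page. The charset is left at the PHP default; pass the page's charset
            // explicitly if it is not UTF-8.
            echo "<p>Du er nå logget inn som " . htmlspecialchars($bnavn, ENT_QUOTES) . ", og kan <a href=\"index.php\">gå videre til nettbutikken.</a></p>";
        }
    }
}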
if (!$innlogget) {
    ?>
<form name="alogin" action="" method="post">
    <p><label for="bnavn">Brukernavn</label><input type="text" name="bnavn" id="bnavn" /></p>
    <p><label for="pord">Passord</label><input type="password" name="pord" id="pord" /></p>
    <p><input type="submit" name="knapp" value="Logg inn" onClick="return valider_alle()" /></p>
</form>
Beispiel #10
 /**
  * Admin landing action: handles the login form while no admin session exists, and the
  * approve/finish POST actions plus the ?p= sub-page once one does.
  *
  * The response body is the 'header' view followed by the 'admin' view.
  *
  * NOTE(review): nothing in this method checks a CSRF token before the login or before the
  * approve/finish writes, and no session-id regeneration is visible on login -- confirm
  * both are handled elsewhere.
  */
 public function action_index()
 {
     $session = Session::instance();
     $post = $this->request->post();
     $showLogin = true;
     // bind() receives $showLogin before it is changed further down; presumably it binds by
     // reference (Kohana-style) so the later assignment reaches the view -- TODO confirm.
     $view = View::factory('admin')->bind('showLogin', $showLogin);
     // Loose comparison: any falsy flag value counts as "not logged in".
     if ($session->get('isAdminLoggedIn') == false) {
         if (isset($post['submit'])) {
             // 'username' and 'password' are read without isset().
             $user = $post['username'];
             $pass = $post['password'];
             $session->set('isAdminLoggedIn', false);
             $loginSuccess = false;
             // Loose comparison: any truthy return value from Admin::login() is accepted as success.
             if (Admin::login($user, $pass) == true) {
                 $loginSuccess = true;
                 $session->set('userType', 'admin');
                 $session->set('username', $user);
                 $session->set('isAdminLoggedIn', true);
                 // Written to the raw superglobal in addition to the Session wrapper above.
                 $_SESSION['auth_user'] = $user;
             }
             if ($loginSuccess == true) {
                 echo '<script language="javascript">';
                 echo 'alert("Loggin successfully as Admin. ")';
                 echo '</script>';
                 // header() is called after output was echoed; unless output buffering is
                 // active, the Refresh header can no longer be sent.
                 header("Refresh:2; url=admin?p=null");
             } else {
                 echo '<script language="javascript">';
                 echo 'alert("Wrong  Username or Password, please try again.")';
                 echo '</script>';
             }
         }
     } else {
         // An admin session exists: hide the login form and process admin actions.
         $showLogin = false;
         if (HTTP_Request::POST == $this->request->method()) {
             if (isset($post['submit-approvecompany'])) {
                 if (isset($post['iCom'])) {
                     // Ids come from the POST body as-is; assumes iCom is an array and that
                     // approveCompany() validates each id -- TODO confirm.
                     foreach ($post['iCom'] as $idCom) {
                         Admin::approveCompany($idCom);
                     }
                     echo '<script language="javascript">';
                     echo 'alert("Companies approved")';
                     echo '</script>';
                 } else {
                     echo '<script language="javascript">';
                     echo 'alert("Must select companies for approval ")';
                     echo '</script>';
                 }
                 header("Refresh:2; url=admin?p=null");
             } elseif (isset($post['submit-approveproject'])) {
                 if (isset($post['iPro'])) {
                     // Same pattern as above, for project ids.
                     foreach ($post['iPro'] as $idPro) {
                         Admin::approveProject($idPro);
                     }
                     echo '<script language="javascript">';
                     echo 'alert("Projects approved")';
                     echo '</script>';
                 } else {
                     echo '<script language="javascript">';
                     echo 'alert("Must select project for approval ")';
                     echo '</script>';
                 }
                 header("Refresh:2; url=admin?p=null");
             } elseif (isset($post['submit-finishproject'])) {
                 if (isset($post['iPro'])) {
                     foreach ($post['iPro'] as $idPro) {
                         // The link is read from a POST key built from the posted id; it is
                         // undefined when that field was not submitted. The link value is
                         // passed on unvalidated.
                         Admin::finishProject($idPro, $post['linkPro' . $idPro]);
                     }
                     echo '<script language="javascript">';
                     echo 'alert("Projects finished ")';
                     echo '</script>';
                 } else {
                     echo '<script language="javascript">';
                     echo 'alert("Must select project to be finished. ")';
                     echo '</script>';
                 }
                 header("Refresh:2; url=admin?p=null");
             }
         }
         // Sub-page selector from the query string; only the three known values load data.
         $p = $this->request->query('p');
         if ($p == 'approvecompany') {
             $inactiveCompanies = Company::getInactiveCompanies();
             $view->inactiveCompanies = $inactiveCompanies;
         }
         if ($p == 'approveproject') {
             $inactiveProjects = Project::getInactiveProjects();
             $view->inactiveProjects = $inactiveProjects;
         }
         if ($p == 'finishproject') {
             $projects = MyDB::getAllProjects();
             $view->projects = $projects;
         }
         // Raw query-string value handed to the view; the template must escape it on output.
         $view->p = $p;
     }
     $this->response->body(View::factory('header') . $view);
 }
Beispiel #11
                    <button onclick="location.href='?p=approveproject'" type='button' class='btn btn-success btn-md' id='approveprojectbtn' >Approve Projects</button>
                    <button onclick="location.href='?p=finishproject'" type='button' class='btn btn-success btn-md' id='approveprojectbtn' >Finish Projects</button>
           </div>
        </div>
        
        
        <div class='col-md-8'>
         <?php 
if ($_SESSION['isAdminLoggedIn'] == false) {
    if (isset($_POST['submit'])) {
        $user = $_POST['username'];
        $pass = $_POST['password'];
        $adminObj = new Admin($user, md5($pass));
        $_SESSION['isAdminLoggedIn'] = false;
        $loginSuccess = false;
        if ($adminObj->login() > -1) {
            $loginSuccess = true;
            $_SESSION['userType'] = 'admin';
            $_SESSION['username'] = $user;
            $_SESSION['pwHash'] = $adminObj->getPwHash();
            $_SESSION['isAdminLoggedIn'] = true;
        }
        if ($loginSuccess == true) {
            echo "login successfull <br> logged in as: " . $_SESSION['userType'];
            header("Refresh:2; url=admin.php");
        } else {
            echo "wrong username or password";
        }
    } else {
        echo "<form id='loginForm' role='form' action='admin.php' method='POST'>\n            \n                <fieldset>\n                <legend>Log on</legend>\n                <ol>\n                    <li>\n                        <label for='username'>Username:</label> \n                        <input type='text' class='form-control' name='username' value='' id='username' />\n                    </li>\n                    <li>\n                        <label for='password'>Password:</label>\n                        <input type='password' class='form-control' name='password' value='' id='password' />\n                    </li>\n                </ol>\n                <input type='submit' class='btn btn-default' name='submit' value='Login' />\n                \n            </fieldset>\n            </form>\n            <br>";
    }
Beispiel #12
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/global.php';
require_once DOC_ROOT . '/includes/classes/class.html.php';
require_once DOC_ROOT . '/includes/classes/class.admin.php';

$admin = new Admin();

// Any non-empty POST body is treated as a login attempt.
if (!empty($_POST)) {
    // get_param() is defined elsewhere; whether it filters or escapes the value is not
    // visible here.
    $email = get_param('email');
    $password = get_param('password');

    if (!$admin->login($email, $password)) {
        // Flag consumed further down the page to show the failure.
        $error['login'] = true;
    } else {
        // NOTE(review): confirm redirect() stops the script; otherwise the login form
        // below is still rendered after a successful login.
        redirect('/admin/index.php');
    }
}

$html = new HTML('admin');
$html->set_title('Meocracy Admin Login');
?>
<form method="post">
    <label for="email">Admin Email</label><input type="text" id="email" name="email" value="<?php 
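// $email is the submitted value being shown again inside a double-quoted attribute, so it
// is HTML-escaped to keep it inside value="...". double_encode is off in case get_param()
// already entity-encodes its result.
echo isset($email) ? htmlspecialchars($email, ENT_QUOTES, 'UTF-8', false) : '';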
?>
"/><br/>
    <label for="password">Password</label><input type="password" id="password" name="password"/><br/>
    <p id="submit-block">
        <input type="submit" value="Login"/><br/>
    </p>
</form>
<script type="text/javascript">
$(document).ready(function() {
    $('#email').focus();
            return sprintf("'%s', '%s' adli kullanicinin erisimini yasakladi.", $this->username, $username);
        }
    }
}
/**
 * Moderator account type: a User that can additionally edit existing records.
 */
class Moderator extends User
{
    // Default account data for this role.
    // NOTE(review): a plaintext password sits in a public property default. Fine for a
    // teaching demo, but real credentials belong neither in source nor in a public field.
    public $user = array(
        "username" => "Moderator",
        "email" => "moderator[at]harunyasar[.]com",
        "password" => "54godzilla54",
    );

    /**
     * Builds the log line for editing a record.
     *
     * @param mixed $record Record number inserted into the message.
     * @return string|null The message, or null when isLoggedIn() is false.
     */
    public function edit($record)
    {
        if (!$this->isLoggedIn()) {
            return;
        }

        return sprintf("'%s', '#%s' numarali icerigi duzenledi.", $this->username, $record);
    }
}
// Demo run: create an admin and a moderator, log each in, and print the message every
// action returns, one per line.
// NOTE(review): the passwords are literals in the script, which is acceptable only
// because this is sample code.
$admin = new Admin("Admin", "admin[at]harunyasar[.]com", "13gojira13");
$admin->login();

echo $admin->ban("Moderator"), "<br />";
// Prints: 'Admin', 'Moderator' adli kullanicinin erisimini yasakladi.
echo $admin->post("Kurallar"), "<br />";
// Prints: 'Admin', 'Kurallar' baslikli yeni bir icerik yaratti.

$moderator = new Moderator("Moredator", "moderator[at]harunyasar[.]com", "54godzilla54");
$moderator->login();

echo $moderator->edit(1349), "<br />";
// Prints: 'Moredator', '#1349' numarali icerigi duzenledi.
echo $moderator->post("Uyari"), "<br />";
// Prints: 'Moredator', 'Uyari' baslikli yeni bir icerik yaratti.
echo $moderator->logout();
Beispiel #14
<?php

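// Login POST handler: copy the submitted credentials onto an Admin object, try to log in,
// and redirect to the site root either way.
$admin = new Admin();
// Absent or non-string fields (e.g. username[]=x) become '' so they fail the login cleanly
// instead of raising notices or putting arrays on the object.
$admin->username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
$admin->password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
if (!$admin->login()) {
    // Same message for an unknown user and a wrong password.
    // NOTE(review): no session_start() is visible in this script; confirm the session is
    // open, otherwise this message is lost.
    $_SESSION['error'] = 'Login Failed! Wrong username or password.';
}
// header() does not end the script; add nothing below that should be skipped after the redirect.
header('Location: /');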
Beispiel #15
 // With debug_mode below 1, keep PHP error text out of responses and report fatal errors
 // only; otherwise switch on the template engine's force_compile flag.
 if ($admin->cfg->debug_mode < 1) {
     ini_set('display_errors', 'off');
     error_reporting(E_ERROR);
 } else {
     $admin->tpl->force_compile = true;
 }

 // Unknown routes render the shared error template with a 404 code.
 $admin->slim->notFound(function () use ($admin) {
     $admin->tpl->assign('err_code', 404);
     $admin->tpl->display('error.tpl');
 });

 // Form login: go to the overview on success, back to the base URL on failure.
 // NOTE(review): both login routes read $_POST['username'] / $_POST['password'] without
 // isset(), and no CSRF or attempt-limiting check is visible here.
 $admin->slim->post('/login', function () use ($admin) {
     $authenticated = $admin->login($_POST['username'], $_POST['password']);
     $target = $authenticated ? BASE_URL . 'index.php/overview' : BASE_URL;
     $admin->slim->redirect($target);
 });

 // AJAX login: the return value of login() is sent to the client as JSON.
 // NOTE(review): confirm login() returns only a status and not an account record, since
 // everything it returns is exposed in the response.
 $admin->slim->post('/ajaxlogin', function () use ($admin) {
     $admin->slim->contentType('application/json');
     $outcome = $admin->login($_POST['username'], $_POST['password']);
     echo json_encode($outcome);
 });
 $admin->slim->post('/logout', function () use($admin) {
     // Unset session variables
     if (isset($_SESSION["username"])) {
         unset($_SESSION["username"]);
     }
     // Delete the session cookie
Beispiel #16
<?php

// JSON login endpoint: passes the POST body to Admin::login() and prints the result.
require_once "../helper.php";
require_once "../classes/Admin.class.php";
// $helper is created but not used in the visible part of this script.
$helper = new Helper();
$companyObj = new Admin();
// The entire $_POST array is passed through, so login() receives every submitted field,
// not just the credentials. NOTE(review): confirm it reads only the keys it expects and
// binds them safely.
$result = $companyObj->login($_POST);
// No Content-Type header is set here, so the JSON is served with the server's default type.
// NOTE(review): everything login() returns is exposed to the client; confirm it contains
// no password hash or other account internals.
echo json_encode($result);
Beispiel #17
<?php

// Already authenticated: go straight to the home page.
// NOTE(review): confirm jump() ends the script; if it only sends a header, the code below
// still runs for a logged-in admin.
if (Admin::isLogged()) {
    jump('index.php?page=home');
}

if ($config->isPost()) {
    // The request comes from the submitted login form. Both fields are read without
    // isset(), and no CSRF or attempt-limiting check is visible here.
    if (!Admin::login($_POST['email'], $_POST['password'])) {
        // One generic message, whichever field was wrong.
        $smarty->assign('error_login', 'Login failed!');
    } else {
        jump('index.php?page=home');
    }
}

// Load the login page template.
$smarty->assign('CONTENT', 'components/login.tpl');
Beispiel #18
<?php

if (isset($_SESSION['adm_id']) && $_SESSION['adm_id'] != '') {
    echo '<script language="javascript">location.href = "index.php?page=welcome";</script>';
    exit;
} else {
    if ($_POST['adm_id'] && $_POST['adm_pwd']) {
        $param['adm_id'] = $tools->sql_injection_anti($_POST['adm_id']);
        $param['adm_pwd'] = $tools->sql_injection_anti($_POST['adm_pwd']);
        include_once LIB_PATH . "Table/Admin.class.php";
        $admin = new Admin();
        // get user data
        $res = $admin->login($param['adm_id']);
        if ($res) {
            if ($res["passwd"] === $param['adm_pwd']) {
                $_SESSION['adm_id'] = $res['admin_id'];
                $_SESSION['adm_name'] = $res['name'];
                $_SESSION['adm_email'] = $res['email'];
                $_SESSION['account'] = $res['account'];
                $json['msg'] = "OK";
            } else {
                $json['msg'] = "Fail";
            }
        } else {
            $json['msg'] = "Fail";
        }
        // log
        $affectedRow = $admin->updateLoginIp($res['account'], $_SERVER['REMOTE_ADDR']);
        if ($affectedRow != 1) {
            // DB Err, log it
            $err_log_str = date("Y-m-d H:i:s") . " updateLoginIp > " . print_r($param, true) . "\n\n";