Example #1
<?php

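// Page bootstrap for an admin record view: load configuration and the admin
// permission check, resolve the page heading, then fetch one row from `admins`.
//
// require_once makes both includes fail closed. include_once only raises a
// warning when a file is missing, so the page would carry on without the
// permission check.
require_once 'config.php';
require_once '../checkAdminPagePermissions.php';

$dbBean = new DatabaseBean();
$general = new General($dbBean);

// menu_id comes from the request, falling back to the session, and is handed
// to getPageHeading() without validation.
// NOTE(review): getPageHeading() is not visible here; confirm it does not
// concatenate $menu_id into a SQL string.
$menu_id = empty($_REQUEST['menu_id']) ? $_SESSION['menu_id'] : $_REQUEST['menu_id'];
$heading = $general->getPageHeading($menu_id);

// `id` is client-controlled and ends up inside the SQL text, so it is
// constrained to a strict integer first. DatabaseBean's parameter-binding API
// (if it has one) is not visible in this file, hence validation rather than a
// prepared statement; switch to bound parameters if the wrapper supports them.
// NOTE(review): assumes admins.id is an integer key. The unquoted comparison
// in the query suggests so; confirm against the schema.
$adminId = filter_var(isset($_REQUEST['id']) ? $_REQUEST['id'] : null, FILTER_VALIDATE_INT);
if ($adminId === false) {
    // Reject anything that is not a plain integer instead of querying with it.
    http_response_code(400);
    exit('Invalid id');
}

$query = "SELECT * FROM admins where id=" . $adminId;
if (!$dbBean->Query($query)) {
    // NOTE(review): Kill() presumably aborts the request; confirm it does not
    // echo the raw database error to the client.
    $dbBean->Kill();
}
$result = $dbBean->RowArray();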
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en">
<!--<![endif]-->
<!-- BEGIN HEAD -->
<head>
<?php 
include '../common.php';
?>
<!-- BEGIN PAGE LEVEL STYLES -->
<link rel="stylesheet" type="text/css" href="<?php 
echo ADMIN_URL;
?>
/assets/global/plugins/datatables/plugins/bootstrap/dataTables.bootstrap.css"/>
<!-- END PAGE LEVEL STYLES -->
Example #2
<?php

require_once "config.php";
require_once "functions.inc.php";
// Admin login handler (visible part): read the submitted credentials, refuse
// the attempt when more than 5 failed logins were recorded for this user name
// in the last 15 minutes, then look up the matching row in `admins`.
// The script continues past this excerpt; the variables set here are globals
// that later statements may still read.
$dbBean = new DatabaseBean();
$general = new General($dbBean);
// Missing POST fields default to the empty string.
$name = isset($_POST['user']) ? $_POST['user'] : "";
$password = isset($_POST['pw']) ? $_POST['pw'] : "";
// stripQuotes() and removeBadChars() are defined outside this excerpt
// (presumably in functions.inc.php). They are the only thing standing between
// the request data and the SQL strings below.
// NOTE(review): character stripping is not a substitute for bound parameters;
// confirm what these helpers remove and whether DatabaseBean offers binding.
// NOTE(review): the password is rewritten too, so the value compared is not
// necessarily what the user typed; verify this is intended.
$name = stripQuotes(removeBadChars($name));
$password = stripQuotes(removeBadChars($password));
// Throttle check: count rows in action_recorder for this user name with
// success=0 and date_added within the last 15 minutes. $name is concatenated
// into the statement, so injection safety depends entirely on the helpers above.
// NOTE(review): the counter is keyed on user name only, so repeated failures
// from any client lock out that account; consider also tracking source address.
$sql = "SELECT count(*) as ct FROM action_recorder WHERE user_name = '" . $name . "' AND success=0 AND DATE_SUB(NOW(), INTERVAL 15 MINUTE) <= date_added";
if (!$dbBean->Query($sql)) {
    // NOTE(review): Kill() presumably aborts the request; confirm it does not
    // echo the raw database error to an unauthenticated client.
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
$failattempts = $row['ct'];
// Strictly greater than 5: the block applies from the sixth recorded failure.
if ($failattempts > 5) {
    $_SESSION['msg'] = 'The maximum number of login attempts has been reached. Please try again in 15 minutes.';
    $num = 'danger';
    $url = ADMIN_URL . "/login.php";
    $general->redirectUrl($url, $num);
    exit;
}
// Credential lookup. The two '******' literals appear to be masked in this
// listing; as written the statement references neither $name nor $password.
// NOTE(review): comparing `binary password` to a supplied value in SQL implies
// the column is matched directly rather than checked with password_verify()
// against a password_hash() value; confirm how passwords are stored. The safer
// shape is a parameterized lookup by username, then password_verify() in PHP.
$sql = "SELECT * FROM admins WHERE username = '******' AND binary password='******' ;";
if (!$dbBean->Query($sql)) {
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
if ($row) {
    $_SESSION['adm_logged'] = true;
    $_SESSION['adm_user_id'] = $row['id'];