function logIn() { global $loginPassword; global $md5LoginPassword; global $loginPasswordPOST; global $md5LoginPasswordSession; global $phpSessionName; $md5LoginPasswordPOST = md5($loginPasswordPOST); if ($md5LoginPasswordPOST === $md5LoginPassword) { session_start(); $_SESSION[$phpSessionName] = $md5LoginPasswordPOST; loginSuccess(); } if ($md5LoginPasswordSession !== $md5LoginPassword) { loginFailed("invalid"); } if ($md5LoginPasswordSession === $md5LoginPassword) { loginSuccess(); } }
if (!isset($_POST['changePass'])) { echo '<script language="javascript"> alert("Old Password did not match !!"); window.location="' . SERVER . '/changePass"; </script>'; return; } $oldpass = $_POST['oldPass']; $np = $_POST['newPass']; $cNewPass = $_POST['confirmNewPass']; $email = $_SESSION['user']; if ($np != $cNewPass) { echo '<script language="javascript"> alert("You have to put same password on both fields !!"); window.location="' . SERVER . '/changePass"; </script>'; return; } if (!loginSuccess($email, $oldpass)) { echo '<script language="javascript"> alert("New Password did not match with Confirm New Password!!"); window.location="' . SERVER . '/changePass.php"; </script>'; return; } $newPass = password_hash($np, PASSWORD_BCRYPT); updatePass($newPass, $email); echo '<script language="javascript"> alert("Password Updated !!"); window.location="' . SERVER . '"; </script>';
<?php session_start(); require '../model/db.php'; require 'define.php'; if (isset($_POST['loginbtn'])) { $email = $_POST['email']; $pass = $_POST['pass']; if (loginSuccess($email, $pass)) { $_SESSION['user'] = $email; $row = getUserID($email); $_SESSION['id'] = $row['s_id']; $cookie_name = "user"; $cookie_value = $email; $cookie_name2 = "id"; $cookie_value2 = $row['s_id']; if (isset($_POST['remember'])) { setcookie($cookie_name, $cookie_value, time() + 3600 * 24 * 30, "/"); setcookie($cookie_name2, $cookie_value2, time() + 3600 * 24 * 30, "/"); } header('Location: ' . SERVER . ''); } else { header('Location: ' . SERVER . '/login?err=1'); } }
// any later version. // // php-admin-login is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with php-admin-login. If not, see <http://www.gnu.org/licenses/>. include 'functions.php'; $action = $_GET['action']; if ($action === "logout") { logOut(); } if ($md5LoginPasswordSession === $md5LoginPassword) { loginSuccess(); } if ($action === "login") { logIn(); } ?> <!-- Any code past this point is to display a HTML login form, and isn't necessary for php-admin-login to operate, and therefor can be deleted. --> <html> <head> <title>Log In | php-admin-login</title> </head> <body> <?php loginErrorMessage();
<?php /** starts session */ session_start(); /** required file */ require '../model/db.php'; /** * @var string $value Old Password of the user * @var string $email email of the user */ $value = $_POST['query']; $email = $_SESSION['user']; /** check if the old password matched */ if (!loginSuccess($email, $value)) { echo "**Please insert correct old password."; }