function logIn()
{
global $loginPassword;
global $md5LoginPassword;
global $loginPasswordPOST;
global $md5LoginPasswordSession;
global $phpSessionName;
$md5LoginPasswordPOST = md5($loginPasswordPOST);
if ($md5LoginPasswordPOST === $md5LoginPassword) {
session_start();
$_SESSION[$phpSessionName] = $md5LoginPasswordPOST;
loginSuccess();
}
if ($md5LoginPasswordSession !== $md5LoginPassword) {
loginFailed("invalid");
}
if ($md5LoginPasswordSession === $md5LoginPassword) {
loginSuccess();
}
}
if (!isset($_POST['changePass'])) {
echo '<script language="javascript">
alert("Old Password did not match !!");
window.location="' . SERVER . '/changePass";
</script>';
return;
}
$oldpass = $_POST['oldPass'];
$np = $_POST['newPass'];
$cNewPass = $_POST['confirmNewPass'];
$email = $_SESSION['user'];
if ($np != $cNewPass) {
echo '<script language="javascript">
alert("You have to put same password on both fields !!");
window.location="' . SERVER . '/changePass";
</script>';
return;
}
if (!loginSuccess($email, $oldpass)) {
echo '<script language="javascript">
alert("New Password did not match with Confirm New Password!!");
window.location="' . SERVER . '/changePass.php";
</script>';
return;
}
$newPass = password_hash($np, PASSWORD_BCRYPT);
updatePass($newPass, $email);
echo '<script language="javascript">
alert("Password Updated !!");
window.location="' . SERVER . '";
</script>';
<?php
session_start();
require '../model/db.php';
require 'define.php';
if (isset($_POST['loginbtn'])) {
$email = $_POST['email'];
$pass = $_POST['pass'];
if (loginSuccess($email, $pass)) {
$_SESSION['user'] = $email;
$row = getUserID($email);
$_SESSION['id'] = $row['s_id'];
$cookie_name = "user";
$cookie_value = $email;
$cookie_name2 = "id";
$cookie_value2 = $row['s_id'];
if (isset($_POST['remember'])) {
setcookie($cookie_name, $cookie_value, time() + 3600 * 24 * 30, "/");
setcookie($cookie_name2, $cookie_value2, time() + 3600 * 24 * 30, "/");
}
header('Location: ' . SERVER . '');
} else {
header('Location: ' . SERVER . '/login?err=1');
}
}
// any later version.
//
// php-admin-login is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with php-admin-login. If not, see <http://www.gnu.org/licenses/>.
include 'functions.php';
$action = $_GET['action'];
if ($action === "logout") {
logOut();
}
if ($md5LoginPasswordSession === $md5LoginPassword) {
loginSuccess();
}
if ($action === "login") {
logIn();
}
?>
<!-- Any code past this point is to display a HTML login form, and isn't necessary for php-admin-login to operate, and therefor can be deleted. -->
<html>
<head>
<title>Log In | php-admin-login</title>
</head>
<body>
<?php
loginErrorMessage();
<?php
/** starts session */
session_start();
/** required file */
require '../model/db.php';
/**
* @var string $value Old Password of the user
* @var string $email email of the user
*/
$value = $_POST['query'];
$email = $_SESSION['user'];
/** check if the old password matched */
if (!loginSuccess($email, $value)) {
echo "**Please insert correct old password.";
}
