hi my login is working on my computer, but when i tried 2 computers from 2 different locations, they couldnt login. any help greatly appreciated. thanks. derek.
its setting the hack variable to Y on remote computers.
here is the code for the login page.
Code: <?php
include("connect1.php");
session_start();
$u = $_POST['username'];
$p = $_POST['password'];
$logoff = $_GET['logoff'];
$hack = $_GET['hack'];
if($logoff){
unset($_SESSION['userid']);
$message = "You have been logged off";
}
if($hack){
$message = "Naughty Naughty! "; // COOL
}
// escape username and password for use in SQL//person said on board "looks fine" like this
//to prevent sql injections
$u = mysql_real_escape_string($u);
$p = mysql_real_escape_string($p);
// if fields username and password have contents, then...
if(isset($u) && isset($p) && !empty($u) && !empty($p)){ ///changed from if ($u && $p)
$query = mysql_query("SELECT * FROM table2 WHERE username = '$u' AND password = '$p'");
$result = mysql_fetch_array($query);
if($result['username']){ // if username is set, go on...username is a key for $result, and a field in the table.
$message = "You have been logged in";
$_SESSION['userid'] = $result['username'];
header("Location:old.mainsite.php"); // this will redirect them to the application.php page. and exit the script here.
exit;
}else{
$message = "You do not exist on the system";
}
}
?>
<?php
//IP BANNING CODE START HERE
$s=$_SERVER["REMOTE_ADDR"];
//draws IP address of visitor
$ipbancheck="SELECT * from banip where IP='$s'";
$ipbancheck2=mysql_query($ipbancheck);
while($ipbancheck3=mysql_fetch_array($ipbancheck2))
{
$IPBANNED=$ipbancheck3[IP];
}
//above lines check to see if user Ip is in banned IPs
if ($IPBANNED)
{
header('Location: http://derekvanderven.com/hacker.html');
//print "You have been banned ";
}
else
{
}
?>
here is the code for the form
Code: <form id="form1" name="form1" method="post" action="">
<p> </p>
<table width="200" border="1" align="center">
<tr>
<td><span class="style2">Login to the secret pages</span></td>
</tr>
<tr>
<td><label for="username"> User name </label>
<input type="text" name="username" id="username" /></td>
</tr>
<tr>
<td><label for="password"> Password </label>
<input type="password" name="password" id="password" /></td>
</tr>
<tr>
<td height="44"><input type="submit" name="submit" id="submit" value="Submit" /></td>
</tr>
</table>
</form>
Attempt to assign property of non-object in...
I'm having issues with the following function in PHP 5... function getTreeWithChildren() { $category_id = $this->fields['id']; $parent_id =
Tracking Unique Clicks
Hi guys and gals,Basically I have a database which tracks clicks on my outbound links, I do this by linking to a page like so.../redirect.php?id=1The page then reads the id and increments the click
Securing a user input - need some confirmation
Hello All,I am in the process of recoding a large proportion of an e-commerce site, one of the problems is that there are a few security issues floating around.I have a search box which was originally
Form help: Syntax & Logic
Hello again all,I'm working on a form and ran into a wall (again) and can't seem to think through how to best code what i need (the logic side). I've begun by just sitting down and starting to code
Ajax Error since Upgrading to 3.5
Ever since upgrading my site to .NET 3.5 (I needed LINQ), I've been getting this annoying error on one of my pages:
Save username into DB
OkaY so I got my blog to actually save the posts and whatever, all I need now is for it to keep the right posted. That database is set up to keep post id, title, subject, date, and author. The only
confused between ' ' and " "
there is a php i set:$begin_date_query = mysql_query( "SELECT SUBDATE(due_date, INTERVAL $days_expected DAY) AS begin_date FROM baby WHERE baby_id = $_SESSION['baby_id']" );'coz of the
How can I Compare two xml documents?
Hi all,
button.click += new eventhandler() not works in if(!ispostback)
i want to use button.clcik event in function VIewScrap() which is called in if(!ispostback) but itdoes not works any slolution ?
An odd assignment statement. Can someone explain this assignment to me?
What purpose is served by the bit of code between the two equal signs in the $installurl set? Is this some sneaky way of setting $baseurl? I remember the code seemed to blow up when I took it