PHP Login

Posted on 16th Feb 2014 07:03 pm by admin

Hey!
I got this shopcart code online, am trying to modify it but am getting an error when i try and login as an administrator.
Am new to php ......so let me know if you can help

Source code for /admin/login.php
<?php
require_once '../library/config.php'; //contains the database configuration
require_once './library/functions.php'; //contains functions such as doLogin() posted below

$errorMessage = '&nbsp;';

if (isset($_POST['txtUserName'])) {
$result = doLogin(); // default username and password is admin

if ($result != '') {
$errorMessage = $result;
}
}

?>
<html>
<head>
<title>Shop Admin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="include/admin.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
<tr>
<td><img src="include/banner-top.gif" width="750" height="75"></td>
</tr>
<tr>
<td valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="20">
<tr>
<td class="contentArea"> <form method="post" name="frmLogin" id="frmLogin">
<p>&nbsp;</p>
<table width="350" border="0" align="center" cellpadding="5" cellspacing="1" bgcolor="#336699" class="entryTable">
<tr id="entryTableHeader">
<td>:: Admin Login ::</td>
</tr>
<tr>
<td class="contentArea">
<div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="text">
<tr align="center">
<td colspan="3">&nbsp;</td>
</tr>
<tr class="text">
<td width="100" align="right">User Name</td>
<td width="10" align="center">:</td>
<td><input name="txtUserName" type="text" class="box" id="txtUserName" value="admin" size="10" maxlength="20"></td>
</tr>
<tr>
<td width="100" align="right">Password</td>
<td width="10" align="center">:</td>
<td><input name="txtPassword" type="password" class="box" id="txtPassword" value="admin" size="10"></td>
</tr>
<tr>
<td colspan="2">&nbsp;</td>
<td><input name="btnLogin" type="submit" class="box" id="btnLogin" value="Login"></td>
</tr>
</table></td>
</tr>
</table>
<p>&nbsp;</p>
</form></td>
</tr>
</table></td>
</tr>
</table>
<p>&nbsp;</p>
</body>
</html>

Source code for the login function in the function.php
function doLogin()
{
// if we found an error save the error message in this variable
$errorMessage = '';

$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];

// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and password combo do match
$sql = "SELECT user_id
FROM tbl_user
WHERE user_name = '$userName' AND user_password = PASSWORD('$password')";
$result = dbQuery($sql);

if (dbNumRows($result) == 1) {
$row = dbFetchAssoc($result);
$_SESSION['plaincart_user_id'] = $row['user_id'];

// log the time when the user last login
$sql = "UPDATE tbl_user
SET user_last_login = NOW()
WHERE user_id = '{$row['user_id']}'";
dbQuery($sql);

// now that the user is verified we move on to the next page
// if the user had been in the admin pages before we move to
// the last page visited
if (isset($_SESSION['login_return_url'])) {
header('Location: ' . $_SESSION['login_return_url']);
exit;
} else {
header('Location: index.php');
exit;
}
} else {
$errorMessage = 'Wrong username or password';
}

}

return $errorMessage;
}

/*
Logout a user
*/
function doLogout()
{
if (isset($_SESSION['plaincart_user_id'])) {
unset($_SESSION['plaincart_user_id']);
session_unregister('plaincart_user_id');
}

header('Location: login.php');
exit;
}

Your Answer:

Login to answer

Other forums

retrieving policy name inside the function called by this particular policy
Hi there,

I've playing around with dbms_rls package, trying to set up some security repo

Taking an HTML form and a PHP program and making it into one working file.
Hello,

So I would like to display everything INSIDE a specific directory. In other words, I

Custom Container in module pool program
Hello everyone,

I have created a custom control in my module pool screen. Now I want to s

remove a ; from emails in textarea
Code: <?php

session_start();

$database_host = "localhost&qu

PHP form help required
Hi all! Apologies in advance for having to message the forum for help. I know you must get a lot of

Mail Form receiving emails with no content
Hi, I hope someone here can help me.
I have a simple form in my website, it was working OK, after

Can we convert non uni code system into unicode
Hi All,

Presently i am using non-unicode system and the sap version is 4.7.
Can i c

is this the proper use of mysql_real_escape_string() to prevent sql injections?
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any

Switch letters in message (basic cryptology)...
I am trying to switch letters around in a message for an application on my site (see here). The prob

PHP/Database issue
My friend is helping me make a database where you go to a certain webpage of my site and the page wi