PHP Login


Posted on 16th Feb 2014 07:03 pm by admin

Hey!
I got this shopcart code online, am trying to modify it but am getting an error when i try and login as an administrator.
Am new to php ......so let me know if you can help

Source code for /admin/login.php
<?php
require_once '../library/config.php'; //contains the database configuration
require_once './library/functions.php'; //contains functions such as doLogin() posted below

$errorMessage = '&nbsp;';

if (isset($_POST['txtUserName'])) {
$result = doLogin(); // default username and password is admin

if ($result != '') {
$errorMessage = $result;
}
}

?>
<html>
<head>
<title>Shop Admin - Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="include/admin.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
<tr>
<td><img src="include/banner-top.gif" width="750" height="75"></td>
</tr>
<tr>
<td valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="20">
<tr>
<td class="contentArea"> <form method="post" name="frmLogin" id="frmLogin">
<p>&nbsp;</p>
<table width="350" border="0" align="center" cellpadding="5" cellspacing="1" bgcolor="#336699" class="entryTable">
<tr id="entryTableHeader">
<td>:: Admin Login ::</td>
</tr>
<tr>
<td class="contentArea">
<div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="text">
<tr align="center">
<td colspan="3">&nbsp;</td>
</tr>
<tr class="text">
<td width="100" align="right">User Name</td>
<td width="10" align="center">:</td>
<td><input name="txtUserName" type="text" class="box" id="txtUserName" value="admin" size="10" maxlength="20"></td>
</tr>
<tr>
<td width="100" align="right">Password</td>
<td width="10" align="center">:</td>
<td><input name="txtPassword" type="password" class="box" id="txtPassword" value="admin" size="10"></td>
</tr>
<tr>
<td colspan="2">&nbsp;</td>
<td><input name="btnLogin" type="submit" class="box" id="btnLogin" value="Login"></td>
</tr>
</table></td>
</tr>
</table>
<p>&nbsp;</p>
</form></td>
</tr>
</table></td>
</tr>
</table>
<p>&nbsp;</p>
</body>
</html>

Source code for the login function in the function.php
function doLogin()
{
// if we found an error save the error message in this variable
$errorMessage = '';

$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];

// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and password combo do match
$sql = "SELECT user_id
FROM tbl_user
WHERE user_name = '$userName' AND user_password = PASSWORD('$password')";
$result = dbQuery($sql);

if (dbNumRows($result) == 1) {
$row = dbFetchAssoc($result);
$_SESSION['plaincart_user_id'] = $row['user_id'];

// log the time when the user last login
$sql = "UPDATE tbl_user
SET user_last_login = NOW()
WHERE user_id = '{$row['user_id']}'";
dbQuery($sql);

// now that the user is verified we move on to the next page
// if the user had been in the admin pages before we move to
// the last page visited
if (isset($_SESSION['login_return_url'])) {
header('Location: ' . $_SESSION['login_return_url']);
exit;
} else {
header('Location: index.php');
exit;
}
} else {
$errorMessage = 'Wrong username or password';
}

}

return $errorMessage;
}

/*
Logout a user
*/
function doLogout()
{
if (isset($_SESSION['plaincart_user_id'])) {
unset($_SESSION['plaincart_user_id']);
session_unregister('plaincart_user_id');
}

header('Location: login.php');
exit;
}

No comments posted yet

Your Answer:

Login to answer
174 Like 14 Dislike
Previous forums Next forums
Other forums

Need help: how to catch acess of undefined class properties
Hello. I am learning OO with PHP and have hit a problem.
Some code runs as perfectly valid code,

help finding hacking loopholes
i was attacked by a redirect php injection

my pc is clean of viruses

so i figure that

All possible combinations of String in PL/SQL
Hi All,

Could you please explain the logic of getting all possible combinations of String

cyrillic string conversion question
Hello,

First time here...

I would like to know if there is a way to convert a

How to submit a form to the same page?
I have a table containing information about books in my library and this table has the following col

Read from forum
Haven't written anything forever and I would like to get back.
What I'm trying to do is getting t

Passing Arguments to execlp()
I'm writing a program that mimics a unix shell. It's supposed to take commands with arguments and ex

problems with contact forms that are only protected against SQL injections
What could be a potential problem with contact forms that are only protected against SQL injections

Access website from only 1 computer...?
One of my customers wants his website to only be accessed by people in which they bought the website

InternetOpenUrl() Invalid cert
Hi all,

Does anyone know how to prevent calls to InternetOpenUrl() from failing with erro

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash