Pastie Support Pastie or read my Pastie << self blog

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

<?php 
require_once('config.php');
require_once('functions.php');
session_start();

	if (isset($_SESSION["logged"]))
	{
		if ($_SESSION["logged"] == 'true')
		{
			header('location: index.php');
		}
	}
 ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
	<meta http-equiv="Content-type" content="text/html; charset=Windows-1255" />
	<title>Panel - CssLearn</title>
	<meta http-equiv="Content-Language" content="he" />
	<meta name="description" content="Description" />
	<meta name="keywords" content="Keywords" />
	<meta name="author" content="Noy Rismani" />
	<link rel="stylesheet" type="text/css" href="csslogin.css" />
</head>

<body>
  <?php


  if (!isset($_SESSION["logged"]))
  {
  echo <<<EOF
<div id="back">
	<img src="images/logonoslogan2.jpg" />
	<div id="box3">
  <form method="post" action="login.php">

	<br />
	<table border="0" width="250">
	<tr>
 <td> Username </td> <td> <input type="input" name="name" MAXLENGTH=16 /></td>
 </tr>
 
 <tr>
     <td>Password</td> <td><input type="password" name="password" MAXLENGTH=16 /></td>
	 </tr>
	 </table>
<div id="logini"><input type="submit" name="login" value="Login"/ ></div>
  </form>
  <div id="msg">
EOF;


	if(isset($_POST['login']))
	{
	global $sql;
	$username = htmlentities($_POST['name']);
	dbConnect();
	$query = dbQuery("SELECT * FROM uadmin WHERE username = '$username'");
	$row = dbFetchAssoc($query);
			
		
		if (mysql_num_rows($query) == 0)
		{
		echo "<font color='red'>Wrong Deatils</font>";
				echo '<meta http-equiv="refresh" content="1" />';
		}
		else
		{
		$password = htmlentities($_POST['password']);
		$md5 = md5($password);
		$mek = 875;
		$pass = "{$md5}{$mek}";
	    if($pass == $row['password'])
	    {
			$_SESSION["logged"] = 'true';
			global $tiz;
			putenv($tiz);
			$today = date("F j, Y, g:i a");
			$query = dbQuery("UPDATE uadmin SET lastlogin = '$today' WHERE username = '$username'");
				echo '<meta http-equiv="refresh" content="0" />';
				}	
			 else {
				echo "<font color='red'>Wrong Deatils</font>";
				echo '<meta http-equiv="refresh" content="1" />';
				}
			}
			mysql_close();
	}
	echo <<<EOF
	</div>
  <div id="for"><a href="#">Forgot Password?</a></div>
</div>
</div>
<div id='copy2'> &copy; SBNwp </div>
EOF;


	}
	
	
?>
	
</body>
</html>