[php:1:58ebacaec3]<?php
include("./dbconfig.php");
include("./functions.php");
if($login==""||$haslo==""||strlen($login)>10||strlen($haslo)>10){
blad();
}
$cid=@mysql_connect($dbhost, $dbuser, $dbpass) or cannot();
$login=chop($login);
mysql_select_db("log");
$pobierz=@mysql_query("SELECT pass FROM users WHERE user='$login'");
$p_bazy=@mysql_result($pobierz,0) or blad();
$haslo=md5($haslo);
if($haslo==$p_bazy){
session_start();
$_SESSION['user_name']=$login;
$_SESSION['user_pass']=$haslo;
header("Location: panel.php");
}
else{
blad();
}
mysql_close($cid);
?>[/php:1:58ebacaec3]
Plik functions.php:
[php:1:58ebacaec3]<?php
session_start();
function blad(){
echo("<CENTER><FONT COLOR=#BF3421><B>Niepoprawny login lub hasło!</B></FONT></CENTER>");
include("index.php");
exit;
}
function cannot(){
die("<CENTER><FONT COLOR=#BF3421><B>Nie można nawi±zać poł±czenia z baz± danych!</B></FONT></CENTER>");
}
function check(){
global $_SESSION, $dbhost, $dbuser, $dbpass;
$cid=@mysql_connect($dbhost, $dbuser, $dbpass) or cannot();
mysql_select_db("log");
$pobierz=@mysql_query("SELECT pass FROM users WHERE user='".$_SESSION['user_name']."'");
$p_bazy=@mysql_result($pobierz,0) or blad();
mysql_close($cid);
if($p_bazy!==$_SESSION['user_pass']){
return false;
}else{
return true;
}
}
function udate(){
global $_SESSION, $dbhost, $dbuser, $dbpass, $REMOTE_ADDR;
$cid=@mysql_connect($dbhost, $dbuser, $dbpass) or cannot();
mysql_select_db("log");
$pobierz=@mysql_query("UPDATE users SET last_ip='$REMOTE_ADDR', last_date='".date("Y-m-d")."' WHERE user='".$_SESSION['user_name']."'");
}
function show_data(){
global $_SESSION, $dbhost, $dbuser, $dbpass;
$cid=@mysql_connect($dbhost, $dbuser, $dbpass) or cannot();
mysql_select_db("log");
$pobierz=@mysql_query("SELECT * FROM users WHERE user='".$_SESSION['user_name']."'");
$dane=mysql_fetch_assoc($pobierz);
return "Ostatnie logowanie z IP: ".$dane['last_ip']." Data: ".$dane['last_date'].". <B>[<A HREF="functions.php?action=logout">Wyloguj ".$_SESSION['user_name']."]</A></B>";
}
switch($action){
case logout:
if(empty($_SESSION['user_name'])||empty($_SESSION['user_pass'])){
header("Location: index.php");
}
else{
session_unset($_SESSION['user_name']);
session_unset($_SESSION['user_pass']);
session_destroy();
header("Location: index.php");
}
}
?>[/php:1:58ebacaec3]
i panel.php:
Kod
<?
session_start();
include("./dbconfig.php");
include("./functions.php");
if(empty($_SESSION['user_name'])||empty($_SESSION['user_name'])||!check()){
header("Location: index.php");
}
else{
?>
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=iso-8859-2">
<LINK REL="stylesheet" TYPE="text/css" HREF="lstyl.css">
<TITLE>Panel administracyjny</TITLE>
</HEAD>
<BODY MARGINWIDTH="0" MARGINHEIGHT="0" TOPMARGIN="4" LEFTMARGIN="0">
<TABLE WIDTH="100%" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD BACKGROUND="img/panel.gif" HEIGHT="24" CLASS="panel">
<?
print("Witaj <B>".$_SESSION['user_name']."</B>! ".show_data()." [<a href="functions.php?action=logout">Wyloguj</a>]");
udate();
}
?>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
session_start();
include("./dbconfig.php");
include("./functions.php");
if(empty($_SESSION['user_name'])||empty($_SESSION['user_name'])||!check()){
header("Location: index.php");
}
else{
?>
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=iso-8859-2">
<LINK REL="stylesheet" TYPE="text/css" HREF="lstyl.css">
<TITLE>Panel administracyjny</TITLE>
</HEAD>
<BODY MARGINWIDTH="0" MARGINHEIGHT="0" TOPMARGIN="4" LEFTMARGIN="0">
<TABLE WIDTH="100%" CELLSPACING="0" CELLPADDING="0">
<TR>
<TD BACKGROUND="img/panel.gif" HEIGHT="24" CLASS="panel">
<?
print("Witaj <B>".$_SESSION['user_name']."</B>! ".show_data()." [<a href="functions.php?action=logout">Wyloguj</a>]");
udate();
}
?>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
Struktura tabeli:
[sql:1:58ebacaec3]CREATE TABLE users (user char(10) NOT NULL unique, pass char(70), last_ip char(19), last_date DATE);[/sql:1:58ebacaec3]