- <?php
/**
 * Send an HTTP redirect to the given location and stop the script.
 *
 * header() only takes effect while no output has been sent, so this must run
 * before any markup is emitted. The target is used exactly as given: pass fixed
 * or allow-listed paths only, never a raw request parameter, otherwise the
 * function acts as an open redirect.
 *
 * @param string $new_location URL or path placed in the redirect header.
 */
function redirect_to($new_location)
{
    $redirect_header = "location: " . $new_location;
    header($redirect_header);
    exit();
}
/**
 * Stop the script with a generic message when a database call reported failure.
 *
 * The message is deliberately generic: no SQL text or driver error is shown to
 * the client.
 *
 * @param mixed $test Result of a database call; any falsy value counts as failure.
 */
function ensure($test)
{
    if ($test) {
        return;
    }

    die("Database querying has failed");
}
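/**
 * Hash a password for storage with bcrypt at cost 10.
 *
 * password_hash() draws the salt from the operating system's CSPRNG, so no
 * hand-built salt is involved. The result keeps the "$2y$10$..." format and
 * verifies with both crypt() and password_verify().
 *
 * bcrypt only considers the first 72 bytes of the password.
 *
 * @param string $password Plain-text password.
 * @return string 60-character bcrypt hash.
 * @throws RuntimeException When no valid hash could be produced.
 */
function password_encrypt($password)
{
    // "10" is the bcrypt cost (2^10 key-expansion rounds), not a length.
    $hash = password_hash($password, PASSWORD_BCRYPT, array('cost' => 10));

    // Never hand back a failure marker that could be stored as if it were a hash.
    if (!is_string($hash) || strlen($hash) !== 60) {
        throw new RuntimeException('Password hashing failed');
    }

    return $hash;
}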
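/**
 * Build a random salt in the bcrypt alphabet ("./A-Za-z0-9").
 *
 * The bytes come from random_bytes() (CSPRNG). md5(uniqid(mt_rand(), true)) is
 * derived from the clock and a non-cryptographic generator and is predictable,
 * so it is not a suitable salt source.
 *
 * @param int $salt_length Number of salt characters wanted (22 for bcrypt).
 * @return string Exactly $salt_length characters; empty string for a length below 1.
 */
function generate_salt($salt_length)
{
    $salt_length = (int) $salt_length;
    if ($salt_length < 1) {
        return '';
    }

    // 3 random bytes encode to 4 base64 characters; rounding up guarantees the
    // truncation below never reaches the '=' padding.
    $random_bytes = random_bytes((int) ceil($salt_length * 3 / 4));

    // base64 uses '+', which is not part of the bcrypt alphabet.
    $encoded = strtr(base64_encode($random_bytes), '+', '.');

    return substr($encoded, 0, $salt_length);
}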
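/**
 * Look up one admin row by username.
 *
 * The row carries every column of the admin table, including the stored
 * password hash that attempt_login() reads; do not echo it or put it in the
 * session as a whole.
 *
 * @param string $username Username as submitted by the client (untrusted).
 * @return array|null Associative row, or null when no row matches.
 */
function find_by_username($username)
{
    global $connection;

    // Bound parameter: the value never becomes part of the SQL text, so the
    // query does not depend on string escaping or on the connection charset.
    $statement = mysqli_prepare($connection, "SELECT * FROM admin WHERE username = ? LIMIT 1");
    ensure($statement);
    ensure(mysqli_stmt_bind_param($statement, "s", $username));
    ensure(mysqli_stmt_execute($statement));

    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $admin_set = mysqli_stmt_get_result($statement);
    ensure($admin_set);

    $admin = mysqli_fetch_assoc($admin_set);

    // Release the result set and the statement on every path.
    mysqli_free_result($admin_set);
    mysqli_stmt_close($statement);

    return $admin ? $admin : null;
}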
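/**
 * Look up one admin row by primary key.
 *
 * The row carries every column of the admin table, including the stored
 * password hash; do not echo it or put it in the session as a whole.
 *
 * @param int|string $admin_id Admin id; treated as untrusted input.
 * @return array|null Associative row, or null when no row matches.
 */
function find_by_id($admin_id)
{
    global $connection;

    // Bound as a string so MySQL compares it to the id column the same way the
    // quoted literal did; the value never becomes part of the SQL text.
    $statement = mysqli_prepare($connection, "SELECT * FROM admin WHERE id = ? LIMIT 1");
    ensure($statement);
    ensure(mysqli_stmt_bind_param($statement, "s", $admin_id));
    ensure(mysqli_stmt_execute($statement));

    // mysqli_stmt_get_result() requires the mysqlnd driver.
    $admin_set = mysqli_stmt_get_result($statement);
    ensure($admin_set);

    $admin = mysqli_fetch_assoc($admin_set);

    // Release the result set and the statement on every path.
    mysqli_free_result($admin_set);
    mysqli_stmt_close($statement);

    return $admin ? $admin : null;
}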
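/**
 * Check a plain-text password against a stored crypt()/bcrypt hash.
 *
 * password_verify() re-hashes the password with the parameters embedded in the
 * stored hash and compares the two in constant time, so the comparison does not
 * leak how many leading characters matched. A malformed or empty stored hash
 * never verifies.
 *
 * @param string $password      Plain-text password from the client.
 * @param string $existing_hash Hash read from the admin table.
 * @return bool True only when the password matches the hash.
 */
function password_check($password, $existing_hash)
{
    return password_verify($password, $existing_hash);
}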
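/**
 * Authenticate an admin by username and password.
 *
 * NOTE(review): no attempt limiting or lockout is visible here; confirm it is
 * enforced elsewhere.
 *
 * @param string $username Username from the login form (untrusted).
 * @param string $password Plain-text password from the login form.
 * @return array|false The admin row on success, false on any failure.
 */
function attempt_login($username, $password)
{
    $admin = find_by_username($username);

    if (!$admin) {
        // Unknown user: still spend one bcrypt computation so the response time
        // does not reveal which usernames exist. The value is a constructed
        // placeholder in bcrypt format (cost 10, matching password_encrypt());
        // the result is discarded.
        password_check($password, '$2y$10$' . str_repeat('.', 53));
        return false;
    }

    return password_check($password, $admin["password"]) ? $admin : false;
}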
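<?php
/*
 * Admin login page: handles the login form, then renders the public navigation
 * and the form itself.
 *
 * current_id(), getting_all_subject() and getting_all_pages() are not defined in
 * the functions shown with this page; they are assumed to come from the
 * included files.
 */
session_start();
require_once("DB_conn.php");
require_once("function.php");

// Message left in the session by an earlier request; shown above the heading.
$earlier_message = isset($_SESSION["message"]) ? $_SESSION["message"] : null;
$_SESSION["message"] = null;

// The login POST is handled before any markup is sent: redirect_to() relies on
// header(), which has no effect once output has started.
if (isset($_POST['login'])) {
    // Missing or non-string fields (e.g. username[]=x) are treated as empty.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $password = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

    $found_admin = attempt_login($username, $password);
    if ($found_admin) {
        // Issue a fresh session id at the privilege change so an id fixed
        // before login is worthless afterwards.
        session_regenerate_id(true);
        $_SESSION["admin_id"] = $found_admin["id"];
        $_SESSION["username"] = $found_admin["username"];
        redirect_to("manage_content.php");
    } else {
        // Same message for unknown user and wrong password.
        $_SESSION["message"] = "Username/Password was wrong.";
    }
}

$Slected = current_id();
$subject_result = getting_all_subject();
?>
<html lang="en">
<head>
    <title>Titan Store</title>
    <link href="public.css" media="all" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="header">
    <h1>Titan Store</h1>
</div>
<div id="main">
    <div id="navigation">
        <ul class="titan">
<?php while ($row = mysqli_fetch_assoc($subject_result)) { ?>
            <li class="selected">
                <?php /* Database values are encoded for the context they land in: URL parameter, then HTML text. */ ?>
                <a href="About.php?sub=<?php echo urlencode($row["id"]); ?>">
                <?php echo htmlspecialchars($row["position"] . "." . $row["menu_name"], ENT_QUOTES, 'UTF-8'); ?></a>
            </li>
            <ul class="pages">
<?php $page_result = getting_all_pages($row["id"]); ?>
<?php while ($row_page = mysqli_fetch_assoc($page_result)) { ?>
                <li>
                    <a href="Home.php?page=<?php echo urlencode($row_page["id"]); ?>">
                    <?php echo htmlspecialchars($row_page["menu_name"], ENT_QUOTES, 'UTF-8'); ?></a>
                </li>
<?php } ?>
<?php mysqli_free_result($page_result); ?>
            </ul>
<?php } ?>
<?php mysqli_free_result($subject_result); ?>
        </ul>
    </div>
    <div id="pages">
        <br/>
        <a href="Admin.php"> See All Users Lists&gt;&gt;</a>
<?php if ($earlier_message !== null) { ?>
        <div class="message"><?php echo htmlspecialchars((string) $earlier_message, ENT_QUOTES, 'UTF-8'); ?></div>
<?php } ?>
        <h1>Log In</h1>
        <br/>
<?php
// Message produced by this request (failed login). Escaped on output;
// NOTE(review): confirm no other page stores intentional HTML in this key.
if (isset($_SESSION["message"])) {
    echo '<div class="message">';
    echo htmlspecialchars((string) $_SESSION["message"], ENT_QUOTES, 'UTF-8');
    echo '</div>';
    $_SESSION["message"] = null;
}
?>
        <h2>Please Login</h2>
        <ul>
            <form action="admins.php" method="post">
                <p> Username : <input type="text" name="username" value=""></p>
                <p> Password : <input type="password" name="password" value=""></p><br/>
                <p><input type="submit" name="login" value="Log In"></p>
            </form>
        </ul>
    </div>
</div>
<?php require_once("Footer.php"); ?>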