
Untitled

a guest
Apr 22nd, 2017
  1. <?php
  2. ob_start();
  3. session_name("managment");
  4. session_start();
  5. include ('../includes/config.php');
  6. include ('../includes/functions.db.php');
  7. include ('../includes/functions.lib.php');
  8. include ('../includes/functions.php');
  9.  
  10.  
  11. $tmp = sql::getRows('SELECT * FROM `cn_adminlangs` WHERE lang="'.$_CFG['adminlang'].'"');
  12. foreach($tmp as $v) $_LANG[$v['name']] = $v['value'];
  13.  
  14. if(count($_GET)>0) $_GET = sql::safeArray($_GET);
  15. if(count($_POST)>0) $_POST = sql::safeArray($_POST);
  16.  
  17. if(isset($_GET['tscode'])){
  18. $addIpRequests = settings::get('addIpRequest');
  19. if($addIpRequests==$_GET['tscode'] || @in_array($_GET['tscode'],$addIpRequests)){
  20. add_admin_ip($_GET['m'], $_GET['ip'], __('დამატებულია ელ-ფოსტიდან'));
  21. settings::remove('addIpRequest',$_GET['tscode']);
  22. redirect("login.php?msg=ipaddsuccess");
  23. } else {
  24. redirect("login.php?msg=errorduringaddip");
  25. }
  26. die();
  27. }
  28.  
  29.  
  30. if (is::adminIp()) {
  31. if (@$_GET['act']=='logout') logout();
  32. if (isset($_POST['submit'])) {
  33. $status = array();
  34. if(trim($_POST['user'])=='' || trim($_POST['pass'])=='') redirect('login.php?msg=emptyFields');
  35. ##########
  36. $num_users = sql::cnt("SELECT * FROM `cn_adminusers` WHERE user='".$_POST['user']."' AND pass='".md5($_POST['pass'])."'");
  37.  
  38. if ($num_users==0) {
  39. adminLoginLog($_POST['user'],getenv("REMOTE_ADDR"),0,__('არასწორი მომხმარებელი ან პაროლი'));
  40. redirect('login.php?msg=incorrectuserpass');
  41. } elseif ($num_users==1) {
  42. adminLoginLog($_POST['user'],getenv("REMOTE_ADDR"),1,__('სისტემაში შემოსვლა'));
  43. $row_AdminUser = sql::getRow("SELECT * FROM `cn_adminusers`
  44. WHERE `user`='".$_POST['user']."' AND `pass`='".md5($_POST['pass'])."'");
  45. $_SESSION['userId'] = $row_AdminUser['Id'];
  46. $_SESSION['user'] = $row_AdminUser['user'];
  47. $_SESSION['email'] = $row_AdminUser['email'];
  48. $_SESSION['flname'] = $row_AdminUser['flname'];
  49. $_SESSION['Timeout'] = $row_AdminUser['timeout'];
  50. $_SESSION['isLoggedIn'] = true;
  51. $_SESSION['lasttime'] = date('d/m/Y H:i:s');
  52. session_regenerate_id();
  53. $_SESSION['sessionId'] = session_id();
  54.  
  55. sql::update("UPDATE `cn_adminusers` SET `currsesid`='".$_SESSION['sessionId']."'
  56. WHERE `Id`=".$_SESSION['userId']);
  57. header("Location: index.php");
  58. } else {
  59. adminLoginLog($_POST['user'],getenv("REMOTE_ADDR"),2,__('სისტემური შეცდომა ავტორიზაციის დროს'));
  60. redirect('login.php?msg=error');
  61. }
  62. }
  63. }
  64. ?>
  65. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  66. <html xmlns="http://www.w3.org/1999/xhtml">
  67. <head>
  68. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  69. <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" />
  70. <title>CONNECT CMS</title>
  71. <?php echo '
  72. <link href="js_css/styles.css" rel="stylesheet" type="text/css" />
  73. <!--[if IE]> <link href="js_css/ie.css" rel="stylesheet" type="text/css"> <![endif]-->
  74. <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js"></script>
  75. <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>
  76. <script type="text/javascript" src="js_css/plugins/ui/jquery.fancybox.js"></script>
  77. <script type="text/javascript" src="js_css/plugins/ui/jquery.tipsy.js"></script>
  78. <script type="text/javascript" src="js_css/plugins/forms/jquery.uniform.js"></script>
  79. <script type="text/javascript" src="js_css/files/bootstrap.js"></script>
  80. <script type="text/javascript" src="js_css/files/functions.js"></script>';
  81. ?>
  82. </head>
  83. <body>
  84. <div id="separator">&nbsp;</div>
  85. <?php
  86. if (is::adminIp()) {
  87. ?>
  88. <form action="" method="post">
  89. <div class="fluid" style="margin-left:auto; margin-right:auto; width:450px">
  90. <?php
  91. if(@$_GET['msg']=='logoutOk') {
  92. echo '<div class="nNote nSuccess"><p><b>'.__('გმადლობთ').': </b>'.__('თქვენ წარმატებით გამოხვედით სისტემიდან!').'</p></div>';
  93. }
  94. if(@$_GET['msg']=='emptyFields') {
  95. echo '<div class="nNote nFailure"><p><b>'.__('შეცდომა.').': </b>'.__('გთხოვთ შეავსოთ მომხმარებელი და პაროლი').'</p></div>';
  96. }
  97. if(@$_GET['msg']=='incorrectuserpass') {
  98. echo '<div class="nNote nFailure"><p><b>'.__('შეცდომა').': </b>'.__('არასწორი მომხმარებელი ან პაროლი').'</p></div>';
  99. }
  100. if(@$_GET['msg']=='error') {
  101. echo '<div class="nNote nFailure"><p><b>'.__('შეცდომა').': </b>'.__('სისტემაში მომხმარებელთა წვდომის შეცდომა').'</p></div>';
  102. }
  103. if(@$_GET['msg']=='ipaddsuccess') {
  104. echo '<div class="nNote nSuccess"><p><b>'.__('გმადლობთ').': </b>'.__('IP მისამართი დაემატა წარმატებით!<br>გთხოვთ გაიაროთ ავტორიზაცია').'</p></div>';
  105. }
  106. if(file_exists('../storage/admin-login.png')) echo '<center><img src="/storage/admin-login.png" /></center>';
  107. ?>
  108. <div class="widget" style="margin-top:20px">
  109. <div class="whead"><h6><?php _e('ავტორიზაცია'); ?></h6><div class="clear"></div></div>
  110. <div class="formRow">
  111. <div class="grid3"><label><?php _e('მომხმარებელი'); ?> :</label></div>
  112. <div class="grid7"><input type="text" name="user" value="" /></div><div class="clear"></div>
  113. </div>
  114. <div class="formRow">
  115. <div class="grid3"><label><?php _e('პაროლი'); ?> :</label></div>
  116. <div class="grid7"><input type="password" name="pass" value="" /></div><div class="clear"></div>
  117. </div>
  118. <div class="formRow">
  119. <div class="grid3">&nbsp;</div>
  120. <div class="grid5"><input type="submit" name="submit" class="buttonS bLightBlue" value="Login" /></div><div class="clear"></div>
  121. </div>
  122. </div>
  123. </div>
  124. </form>
  125. <?php } else {
  126. if(isset($_POST['secKey'])){
  127. ob_clean();
  128. if(trim($_POST['mail'])=='' || trim($_POST['secKey'])=='') {
  129. die(__('გთხოვთ შეავსოთ ორივე ველი'));
  130. } else {
  131. $exists = sql::CNT("SELECT * FROM `cn_adminusers` WHERE `email`='".$_POST['mail']."'");
  132. if($exists<1){
  133. adminLoginLog($_POST['mail'],getenv("REMOTE_ADDR"),-1,__('არასწორი ელ-ფოსტით ავტორიზაციის მცდელობა!'));
  134. die(__('არასწორი ელ-ფოსტა'));
  135. } else {
  136. mail_ip_add_request($_POST['mail']);
  137. adminLoginLog($_POST['mail'],getenv("REMOTE_ADDR"),-1,__('ელ-ფოსტით ავტორიზაციის მცდელობა'));
  138. die("ok");
  139. }
  140. }
  141. }
  142. ?>
  143. <form action="" method="post" id="formRequestMailAccess">
  144. <div class="fluid" style="margin-left:auto; margin-right:auto; width:450px">
  145. <?php echo @implode('',$status); ?>
  146. <div class="widget">
  147. <div class="whead"><h6><?php _e('ელ-ფოსტით ავტორიზაციის მოთხოვნა'); ?></h6><div class="clear"></div></div>
  148. <div class="formRow input">
  149. <div class="grid3"><label><?php _e('ელ-ფოსტა'); ?> :</label></div>
  150. <div class="grid5"><input type="text" name="mail" value="" autocomplete="off" /></div><div class="clear"></div>
  151. </div>
  152. <div class="formRow input">
  153. <div class="grid3"><label><?php _e('კოდი'); ?> :</label></div>
  154. <div class="grid5"><input type="text" name="secKey" id="secKey" autocomplete="off" style="width:95px;padding-left:10px;" maxlength="5" />
  155. <img src="img/captcha.php" style="cursor:pointer; vertical-align:middle" onClick="$(this).attr('src','img/captcha.php?'+(new Date().getTime()))" /></div><div class="clear"></div>
  156. </div>
  157. <div class="formRow">
  158. <div class="grid3">&nbsp;</div>
  159. <div class="grid5"><input type="submit" name="submitRequestMailAccess" class="buttonS bLightBlue" alt="Request CONNECT" value="Request CONNECT" /></div><div class="clear"></div>
  160. </div>
  161. </div>
  162. </div>
  163. </form>
  164. <script type="text/javascript">
  165. $('#formRequestMailAccess').submit(function(){
  166. $('input[name="submitRequestMailAccess"]').val('<?php _e('მოითმინეთ...'); ?>');
  167. $.post("<?php echo full_url(); ?>",$('#formRequestMailAccess').serializeArray(),function(data){
  168. if(data=='ok') {
  169. $('div.formRow.input').remove();
  170. $('div.formRow div.grid3').remove();
  171. $('.formRow .grid5').css('width','300px').html('<?php _e('წერილი გამოიგზავნა ელ-ფოსტაზე.'); ?>');
  172. } else {
  173. $('input[name="submitRequestMailAccess"]').val($('input[name="submitRequestMailAccess"]').attr('alt'));
  174. alert(data);
  175. }
  176. });
  177. return false;
  178. })
  179. </script>
  180. <?php } ?>
  181. <script type="text/javascript">
  182. var t = ($(document).height()/2) - ($('.fluid').height()/2)-100;
  183. $('#separator').css("height",t);
  184.  
  185. $(document).resize(function(){
  186. var t = ($(document).height()/2) - ($('.fluid').height()/2)-100;
  187. $('#separator').css("height",t);
  188. });
  189.  
  190. </script>
  191. </body>
  192. </html>
  193. <?php
  194. ob_end_flush();
  195. ?>