SHARE
TWEET

Untitled

a guest Nov 6th, 2018 129 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. include("lib/config.php");
  4. session_start();
  5.  
  6. //$password = false;
  7. if (!empty($_SERVER["HTTP_CF_CONNECTING_IP"])) {
  8.     $ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
  9. } elseif (!empty($_SERVER['HTTP_CLIENT_IP'])) {
  10.     $ip = $_SERVER['HTTP_CLIENT_IP'];
  11. } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
  12.     $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
  13. } else {
  14.     $ip = $_SERVER['REMOTE_ADDR'];
  15. }
  16.  
  17. if ($_SERVER["REQUEST_METHOD"] == "POST") {
  18.  
  19.  
  20.  
  21.     // username and password sent from form
  22.  
  23.     $myusername = mysqli_real_escape_string($db, $_POST['username']);
  24.     $mypassword = mysqli_real_escape_string($db, $_POST['password']);
  25.  
  26.  
  27.     if ($result = $db->query("SELECT passcode FROM admin WHERE username = '$myusername'")) {
  28.         while ($row = $result->fetch_assoc()) {
  29.             $password = $row['passcode'];
  30.         }
  31.  
  32.         $result->close();
  33.     }
  34.  
  35.     if (!isset($password)) {
  36.         $password = false;
  37.         $hash = false;
  38.     }
  39.  
  40.     if ($password != false && $hash != false && $password === $_POST['password']) {
  41.  
  42.  
  43.         session_regenerate_id();
  44.         $_SESSION['login_user'] = $myusername;
  45.         $db->query("UPDATE `admin` SET `session`='" . session_id() . "',`ip`='$ip' WHERE `username`='$myusername'");
  46.  
  47.         header("location: index.php");
  48.     } else {
  49.  
  50.  
  51.         $unixtime = time();
  52.         $db->query("UPDATE `admin` SET `faillogin`=faillogin+1, `failip`='$ip',`failtime`='$unixtime' WHERE `username`='$myusername'");
  53.         $error = "Your Login Name or Password is invalid";
  54.  
  55.         error_log(date('d.m.Y H:i:s',$unixtime). " || Wrong login credentials => Username: ".$myusername." - IP: ".$ip."\n", 3, "/var/www/log/admin_wrongpassword.log");
  56.     }
  57.  
  58.     // Dieser Abschnitt ist zum generieren eines neuen Passworts gedacht, solltest Du einen Benutzer registrieren!
  59.     // $salt = substr(sha1(rand()), 0, 16);
  60.     // $hashedPassword = "{SHA512-CRYPT}" . crypt($mypassword, '$6$' . $salt . '$');
  61.     //
  62. }
  63. ?>
  64. <html>
  65.  
  66.  
  67. <head>
  68.     <?php include('header.php'); ?>
  69. </head>
  70.  
  71. <body>
  72. <div class="container">
  73.  
  74.  
  75.     <div class="row">
  76.  
  77.         <div class="col-xs-offset-2 col-xs-8 col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4 ">
  78.             <h1 class="text-center"><kbd>CSGORUBY SCRIPT RECODE</kbd></h1>
  79.  
  80.             <div class="panel panel-warning text-center">
  81.                 <div class="panel-heading">Login</div>
  82.                 <div class="panel-body">
  83.                 <form method="post">
  84.                     <div class="form-group">
  85.                         <label class="sr-only" for="exampleInputEmail3">Email address</label>
  86.                         <input type="text" class="form-control" name="username" placeholder="Username">
  87.                     </div>
  88.                     <div class="form-group">
  89.                         <label class="sr-only" for="exampleInputPassword3">Password</label>
  90.                         <input type="password" class="form-control" name="password" placeholder="Password">
  91.                     </div>
  92.                     <button type="submit" class="btn btn-primary">Sign in</button>
  93.                 </form>
  94.                     <div class="text-right">
  95.                         IP: <?php echo $ip; ?>
  96.                     </div>
  97.                 <div class="text-danger"><?php if(isset($error)) { echo $error; } ?></div>
  98.                 </div>
  99.             </div>
  100.  
  101.         </div>
  102.     </div>
  103. </div>
  104.  
  105. </body>
  106. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top