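<?php
// Login page for the ACL admin area.
//
// Flow: an already-authenticated session is redirected to admin.php; a POST
// with username and password is checked against the `credentials` table; on
// exactly one matching row the session is marked as logged in and the user is
// redirected. Otherwise the login form below is rendered.
require_once("includes/DbConnector.class.php");
require_once("includes/Sanitizer.class.php");
session_start();

// header() only queues the redirect; without exit the rest of the script
// (including the credential check below) would still run for this request.
if (isset($_SESSION['logged']) && $_SESSION['logged'] == 1) {
    header("location:admin.php");
    exit;
}

// Only scalar string fields are accepted: PHP turns "username[]=x" into an
// array, which must never reach the query builder.
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
) {
    // html_sanitize() comes from Sanitizer.class.php (not visible here). It is
    // kept so submitted values are transformed exactly as before, but HTML
    // sanitising is an output-encoding step and gives no protection against
    // SQL injection; the SQL escaping below is what protects the query.
    $username = html_sanitize($_POST['username']);
    $password = html_sanitize($_POST['password']);

    $DbConnector = new DbConnector();
    // NOTE(review): DbConnector() is the class's PHP4-style constructor, so
    // `new` has presumably already run it; this explicit second call is kept
    // only to preserve the original behaviour. Confirm and drop it.
    $DbConnector->DbConnector();

    $login_query = false;
    if (is_resource($DbConnector->link)) {
        // The values are quoted AND escaped against the live connection. The
        // original concatenated them unquoted, so the request body became part
        // of the SQL statement itself.
        // NOTE(review): ext/mysql has no prepared statements; moving this to
        // mysqli or PDO with bound parameters is the durable fix.
        $login_query = $DbConnector->query(
            "SELECT * FROM credentials WHERE username = '"
            . mysql_real_escape_string($username, $DbConnector->link)
            . "' AND password = '"
            . mysql_real_escape_string($password, $DbConnector->link)
            . "';"
        );
    }

    // NOTE(review): the password is compared inside the SQL statement, which
    // implies the table stores it in directly comparable form. Storing
    // password_hash() output and checking it with password_verify() needs a
    // schema/data migration and is therefore not done in this block.
    if ($login_query !== false) {
        $login_result = $DbConnector->fetchObject($login_query);
        $login_count = $DbConnector->count($login_query);
        if ($login_count == 1) {
            // Issue a fresh session id at the privilege change so an id that
            // was known before login cannot be reused afterwards (fixation).
            session_regenerate_id(true);
            $_SESSION['cred_id'] = $login_result->cred_id;
            $_SESSION['role'] = $login_result->role;
            $_SESSION['logged'] = 1;
            header("location:admin.php");
            exit;
        }
    }
}
?>
<html>
<head>
<title>Log in to ACL</title>
</head>
<body>
<h1>WELCOME TO ACL</h1>
<form name="login" method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<fieldset>
<legend>Insert your login credentials</legend>
<p><label for="username">Username:</label><br/> <input type="text" name="username" id="username" /></p>
<p><label for="password">Password:</label><br/> <input type="password" name="password" id="password" /></p>
<p class="submit"><input type="submit" value="LOG IN" name="submit" /></p>
</fieldset>
</form>
</body>
</html>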
- ------------------------
- <?php
- ////////////////////////////////////////////////////////////////////////////////////////
- // Class: DbConnector
- // Purpose: Connect to a database, MySQL version
- // Author: Sotiris K.
- ///////////////////////////////////////////////////////////////////////////////////////
- require_once 'SystemComponent.class.php';
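// Thin wrapper around a single MySQL connection using the legacy ext/mysql
// functions (mysql_connect, mysql_query, ...).
//
// query() sends the SQL string to the server verbatim, so every value that
// originates outside the program must be passed through escape() and wrapped
// in quotes by the caller before it is concatenated into a statement.
// NOTE(review): ext/mysql offers no prepared statements; migrating this class
// to mysqli or PDO with bound parameters is the durable fix.
class DbConnector extends SystemComponent {
    var $theQuery; // last SQL string handed to query()
    var $link;     // connection resource from mysql_connect(), null once closed
    var $result;   // return value of the last mysql_query() call
    var $fetch;    // last row returned by fetchObject()
    var $count;    // last value returned by count()

    // PHP4-style constructor: opens the connection described by
    // SystemComponent::getSettings() and selects the configured database.
    // Failures are reported as warnings that never include the credentials.
    function DbConnector() {
        $settings = SystemComponent::getSettings();
        $this->link = mysql_connect(
            $settings['dbhost'],
            $settings['dbusername'],
            $settings['dbpassword']
        );
        if (!is_resource($this->link)) {
            trigger_error('DbConnector: could not connect to the database server', E_USER_WARNING);
            return;
        }
        // Select the database on this object's own link rather than on
        // whichever connection happened to be opened last.
        if (!mysql_select_db($settings['dbname'], $this->link)) {
            trigger_error('DbConnector: could not select the configured database', E_USER_WARNING);
        }
        // close() is idempotent, so registering it again when the constructor
        // is invoked a second time on the same object is harmless.
        register_shutdown_function(array($this, 'close'));
    }

    // Escapes $value for use inside a quoted SQL string literal on this
    // connection. Returns false when there is no open connection.
    function escape($value) {
        if (!is_resource($this->link)) {
            return false;
        }
        return mysql_real_escape_string($value, $this->link);
    }

    // Runs $query verbatim and returns what mysql_query() returned (a result
    // resource for SELECT-like statements, true/false otherwise). Returns
    // false without touching the server when the connection is not open.
    function query($query) {
        $this->theQuery = $query;
        if (!is_resource($this->link)) {
            $this->result = false;
            return false;
        }
        $this->result = mysql_query($query, $this->link);
        return $this->result;
    }

    // Returns the next row of $result as an object, or false when there is no
    // row. The original discarded its argument and always read $this->result;
    // the argument is now honoured, with $this->result as the fallback when it
    // is not a result resource.
    function fetchObject($result) {
        if (!is_resource($result)) {
            $result = $this->result;
        }
        if (!is_resource($result)) {
            $this->fetch = false;
            return false;
        }
        $this->fetch = mysql_fetch_object($result);
        return $this->fetch;
    }

    // Returns the number of rows in $result, or false when no result set is
    // available. Uses the same argument/fallback rule as fetchObject().
    function count($result) {
        if (!is_resource($result)) {
            $result = $this->result;
        }
        if (!is_resource($result)) {
            $this->count = false;
            return false;
        }
        $this->count = mysql_num_rows($result);
        return $this->count;
    }

    // Closes the connection if it is still open. Safe to call repeatedly,
    // which matters because it may be registered as a shutdown function more
    // than once.
    function close() {
        if (is_resource($this->link)) {
            mysql_close($this->link);
        }
        $this->link = null;
    }
}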
- ?>