login

1. <?php require_once("../_php_includes/_PHP_Conf.inc.php");
2.  
3. if(isset($_SESSION['username']) && isset($_SESSION['password'])){
4. Header("Location: ".$php['HTTP_HOST']."/pages/home");
5. return 1;
6. }
7. if(isset($_POST['login']))
8. {
9. $salt = '78sdjs86d2h';
10. $username = mysqli_real_escape_string($DB_H, addslashes($_POST['name']));
11. $password = mysqli_real_escape_string($DB_H, addslashes($_POST['password']));
12. $hash1 = hash('sha256', $password . $salt);
13. $hash = strtoupper($hash1);
14.  
15.  
16. $dbh = new PDO("mysql:host=localhost;dbname=burned", "root", "mysql");
17.  
18. $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
19.  
20. $stmt = $dbh->prepare("SELECT id, name, password FROM users
21. WHERE name = :numele AND password = :parola");
22.  
23. /*** bind the parameters ***/
24. $stmt->bindParam(':numele', $username, PDO::PARAM_STR);
25. $stmt->bindParam(':parola', $password, PDO::PARAM_STR, 40);
26.  
27. /*** execute the prepared statement ***/
28. $stmt->execute();
29.  
30. /*** check for a result ***/
31. $user_id = $stmt->fetchColumn();
32.  
33. /*** if we have no result then fail boat ***/
34. if($user_id == false)
35. {
36. $msg = "Datele introduse sunt greșite!";
37. }
38. /*** if we do have a result, all is well ***/
39. else
40. {
41. /*** set the session user_id variable ***/
42. $_SESSION['username'] = $username;
43. $_SESSION['password'] = $hash;
44.  
45. echo "
46. <script type='text/javascript'>
47. <!--
48. function Redirect()
49. {
50. window.location='/panel/';
51. }
52. setTimeout('Redirect()', 50);
53. //-->
54. </script>";
55. }
56. }
57. ?>
58.  
59. <!DOCTYPE html>
60. <html>
61.  
62. <head>
63. <!-- Meta, title, CSS, favicons, etc. -->
64. <meta charset="utf-8">
65. <title>Bladex - Autentificare</title>
66. <meta name="viewport" content="width=device-width, initial-scale=1.0">
67.  
68. <!-- Font CSS (Via CDN) -->
69. <link rel='stylesheet' type='text/css' href='http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800'>
70. <link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Roboto:400,500,700,300">
71.  
72. <!-- Theme CSS -->
73. <link rel="stylesheet" type="text/css" href="/panel/assets/skin/default_skin/css/theme.css">
74.  
75. <!-- Admin Forms CSS -->
76. <link rel="stylesheet" type="text/css" href="/panel/assets/admin-tools/admin-forms/css/admin-forms.css">
77.  
78. <!-- Favicon -->
79. <link rel="shortcut icon" href="/panel/assets/img/favicon.ico">
80.  
81. <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
82. <!--[if lt IE 9]>
83. <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
84. <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
85. <![endif]-->
86. </head>
87.  
88. <body class="external-page sb-l-c sb-r-c">
89.  
90. <!-- Start: Settings Scripts -->
91. <script>
92. var boxtest = localStorage.getItem('boxed');
93.  
94. if (boxtest === 'true') {
95. document.body.className += ' boxed-layout';
96. }
97. </script>
98. <!-- End: Settings Scripts -->
99.  
100. <!-- Start: Main -->
101. <div id="main" class="animated fadeIn">
102.  
103. <!-- Start: Content -->
104. <section id="content_wrapper">
105.  
106. <!-- begin canvas animation bg -->
107. <div id="canvas-wrapper">
108. <canvas id="demo-canvas"></canvas>
109. </div>
110.  
111. <!-- Begin: Content -->
112. <section id="content">
113.  
114. <div class="admin-form theme-info" id="login1">
115.  
116.  
117.  
118. <div class="panel panel-info mt10 br-n">
119. <button type="submit" onclick="window.location.href='/panel'" class="btn btn-primary btn-block" >Mergi la pagina principală</button>
120.  
121.  
122.  
123. <!-- end .form-header section -->
124.  
125. <form method="post" action="">
126. <div class="panel-body bg-light p30">
127. <div class="row">
128. <div class="col-sm-7 pr30">
129.  
130.  
131.  
132. <div class="section">
133. <label for="username" class="field-label text-muted fs18 mb10">Nume din joc</label>
134. <label for="username" class="field prepend-icon">
135. <input type="text" name="username" id="username" class="gui-input" placeholder="Care este numele folosit in joc?">
136. <label for="username" class="field-icon"><i class="fa fa-user"></i>
137. </label>
138. </label>
139. </div>
140. <!-- end section -->
141.  
142. <div class="section">
143. <label for="username" class="field-label text-muted fs18 mb10">Parolă</label>
144. <label for="password" class="field prepend-icon">
145. <input type="password" name="password" id="password" class="gui-input" placeholder="Care este parola acestui cont?">
146. <label for="password" class="field-icon"><i class="fa fa-lock"></i>
147. </label>
148. </label>
149. </div>
150. <!-- end section -->
151.  
152. </div>
153. <div class="col-sm-5 br-l br-grey pl30">
154. <?php if(isset($msg)): ?>
155. <div class="alert alert-danger" role="alert"><?= $msg ?></div>
156. <?php endif; ?>
157. <h3 class="mb25"> Odată autentificat o să poți să:</h3>
158. <p class="mb15">
159. <span class="fa fa-check text-success pr5"></span> Vezi informații despre cont.</p>
160. <p class="mb15">
161. <span class="fa fa-check text-success pr5"></span> Faci o reclamație asupra unui jucător.</p>
162. <p class="mb15">
163. <span class="fa fa-check text-success pr5"></span> Schimba parola contului tău.</p>
164. <p class="mb15">
165. <span class="fa fa-check text-success pr5"></span> Aplici intr-o facțiune anume.</p>
166. </div>
167. </div>
168. </div>
169.  
170.  
171. <!-- end .form-body section -->
172. <div class="panel-footer clearfix p10 ph15">
173. <button type="submit" name="login" class="btn btn-primary btn-block">Autentificare</button>
174.  
175. </div>
176. <!-- end .form-footer section -->
177. </form>
178. </div>
179. </div>
180.  
181. </section>
182. <!-- End: Content -->
183.  
184. </section>
185. <!-- End: Content-Wrapper -->
186.  
187. </div>
188. <!-- End: Main -->
189.  
190. <!-- BEGIN: PAGE SCRIPTS -->
191.  
192. <!-- Google Map API -->
193. <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=true"></script>
194.  
195. <!-- jQuery -->
196. <script type="text/javascript" src="/panel/vendor/jquery/jquery-1.11.1.min.js"></script>
197. <script type="text/javascript" src="/panel/vendor/jquery/jquery_ui/jquery-ui.min.js"></script>
198.  
199. <!-- Bootstrap -->
200. <script type="text/javascript" src="/panel/assets/js/bootstrap/bootstrap.min.js"></script>
201.  
202. <!-- Page Plugins -->
203. <script type="text/javascript" src="/panel/assets/js/pages/login/EasePack.min.js"></script>
204. <script type="text/javascript" src="/panel/assets/js/pages/login/rAF.js"></script>
205. <script type="text/javascript" src="/panel/assets/js/pages/login/TweenLite.min.js"></script>
206.  
207. <!-- Theme Javascript -->
208. <script type="text/javascript" src="/panel/assets/js/utility/utility.js"></script>
209. <script type="text/javascript" src="/panel/assets/js/main.js"></script>
210.  
211. <!-- Page Javascript -->
212. <script type="text/javascript">
213. jQuery(document).ready(function() {
214.  
215. "use strict";
216.  
217. // Init Theme Core
218. Core.init();
219.  
220. // Init Demo JS
221. Demo.init();
222.  
223. // Init CanvasBG and pass target starting location
224. CanvasBG.init({
225. Loc: {
226. x: window.innerWidth / 2,
227. y: window.innerHeight / 3.3
228. },
229. });
230.  
231.  
232. });
233. </script>
234.  
235. <!-- END: PAGE SCRIPTS -->
236.  
237. </body>
238.  
239. </html>