Login page

1. <?php
2. include "controls/database.php";
3. $page = "Login";
4. ?>
5. <!DOCTYPE html>
6. <body background="images/pic03.jpg">
7. <html lang="en">
8. <head><meta http-equiv="Content-Type" content="text/html; charset=SHIFT_JIS">
9. <meta http-equiv="X-UA-Compatible" content="IE=edge">
10. <meta name="viewport" content="width=device-width, initial-scale=1">
11. <meta name="description" content="CleverAdmin - Bootstrap Admin Template">
12. <meta name="author" content="Lukasz Holeczek">
13. <meta name="keyword" content="CleverAdmin, Dashboard, Bootstrap, Admin, Template, Theme, Responsive, Fluid, Retina">
14. <link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/ico/apple-touch-icon-144-precomposed.png">
15. <link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/ico/apple-touch-icon-114-precomposed.png">
16. <link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/ico/apple-touch-icon-72-precomposed.png">
17. <link rel="apple-touch-icon-precomposed" sizes="57x57" href="assets/ico/apple-touch-icon-57-precomposed.png">
18. <link rel="shortcut icon" href="assets/ico/favicon.png">
19. <title><?php
20. $getNames = $odb -> query("SELECT * FROM `admin`");
21. while($Names = $getNames -> fetch(PDO::FETCH_ASSOC)) {
22. echo $Names['bootername'];
23. }
24. ?> - <?php echo $page ?></title>
25.  
26. <!-- Bootstrap core CSS -->
27. <link href="assets/css/bootstrap.min.css" rel="stylesheet">
28.  
29. <!-- page css files -->
30. <link href="assets/css/font-awesome.min.css" rel="stylesheet">
31. <link href="assets/css/jquery-ui.min.css" rel="stylesheet">
32.  
33. <!-- Custom styles for this template -->
34. <link href="assets/css/style.min1.css" rel="stylesheet">
35.  
36. <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
37. <!--[if lt IE 9]>
38. <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
39. <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
40. <![endif]-->
41. </head>
42. </head>
43.  
44. <body>
45. <div class="container-fluid content">
46. <div class="row">
47. <div id="content" class="col-sm-12 full">
48. <div class="row">
49. <div class="login-box">
50.  
51. <div class="header">
52. Login to <?php
53. $getNames = $odb -> query("SELECT * FROM `admin`");
54. while($Names = $getNames -> fetch(PDO::FETCH_ASSOC)) {
55. echo $Names['bootername'];
56. }
57. ?>
58. </div>
59.  
60. <form class="form-horizontal login" action="" method="POST">
61. <?php
62.  
63. if (!($user -> LoggedIn()))
64. {
65. if (isset($_POST['loginBtn']))
66. {
67. $username = $_POST['username'];
68. $password = $_POST['password'];
69. $errors = array();
70. if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 15)
71. {
72. //$errors[] = 'Username Must Be Alphanumberic And 4-15 characters in length';
73. }
74.  
75. if (empty($username) || empty($password))
76. {
77. $errors[] = 'Please fill in all fields';
78. }
79.  
80. if (empty($errors))
81. {
82. $SQLCheckLogin = $odb -> prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username AND `password` = :password");
83. $SQLCheckLogin -> execute(array(':username' => $username, ':password' => SHA1($password)));
84. $countLogin = $SQLCheckLogin -> fetchColumn(0);
85. if ($countLogin == 1)
86. {
87. $SQLGetInfo = $odb -> prepare("SELECT `username`, `ID`, `status` FROM `users` WHERE `username` = :username AND `password` = :password");
88. $SQLGetInfo -> execute(array(':username' => $username, ':password' => SHA1($password)));
89. $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
90. if ($countLogin == 1)
91. {
92. $SQL = $odb->prepare("SELECT `status` FROM `users` WHERE `username` = :username");
93. $SQL->execute(array(':username' => $username));
94. $status = $SQL->fetchColumn(0);
95. if($status == 1)
96. {
97. $SQL = $odb->prepare("SELECT `reason` FROM `bans` WHERE `username` = :username");
98. $SQL->execute(array(':username' => $username));
99. $ban = $SQL->fetchColumn(0);
100. die('You are banned. Reason: ' . htmlspecialchars($ban));
101. }
102. $logAddr = $odb->prepare("INSERT INTO `login_history` (`username`,`ip`,`date`,`http_agent`) VALUES (:user, :ip, UNIX_TIMESTAMP(NOW()), :agent);");
103. $logAddr->execute(array( ":user" => $username, ":ip" => $_SERVER['REMOTE_ADDR'], ":agent" => $_SERVER['HTTP_USER_AGENT']));
104. $_SESSION['username'] = $userInfo['username'];
105. $_SESSION['ID'] = $userInfo['ID'];
106. echo '<div class="alert alert-success"><p><strong>SUCCESS: </strong>Login Successful. Redirecting....</p></div><meta http-equiv="refresh" content="3;url=index.php">';
107. }
108. else
109. {
110. echo '<div class="alert alert-danger"><p><strong>ERROR: </strong>You are Banned! Reason:</p></div>';
111. }
112. }
113. else
114. {
115. echo '<div class="alert alert-danger"><p><strong>ERROR: </strong>Login Failed</p></div>';
116. }
117. }
118. else
119. {
120. echo '<div class="alert alert-danger"><p><strong>ERROR:</strong><br />';
121. foreach($errors as $error)
122. {
123. echo '-'.$error.'<br />';
124. }
125. echo '</div>';
126. }
127. }
128. }
129. else
130. {
131.  
132. header('location: index.php');
133. }
134. ?>
135.  
136. <script src='https://www.google.com/recaptcha/api.js'></script>
137.  
138. <fieldset class="col-sm-12">
139. <div class="form-group">
140. <div class="controls row">
141. <div class="input-group col-sm-12">
142. <span class="input-group-addon"><i class="fa fa-user"></i></span>
143. <input type="text" class="form-control" name="username" id="username" placeholder="Username" />
144. </div>
145. </div>
146. </div>
147.  
148. <div class="form-group">
149. <div class="controls row">
150. <div class="input-group col-sm-12">
151. <span class="input-group-addon"><i class="fa fa-key"></i></span>
152. <input type="password" name="password" class="form-control" id="password" placeholder="Password"/>
153. </div>
154. </div>
155. </div>
156.  
157. <div class="confirm">
158. <input type="checkbox" name="remember" value="on"/>
159. <label for="remember">Remember me</label>
160. </div>
161. <div class="g-recaptcha" data-sitekey="6LfoeC0UAAAAADgcnyJfuwlZMUQ5zbdMCOZumhD9"></div>
162. <div class="row">
163. <button type="submit" name="loginBtn" class="btn btn-info">Login</button>
164. <a class="btn btn-info" href="register.php">Sign Up!</a>
165. <a class="btn btn-info" href="recover.php">Recover</a>
166.  
167. </div>
168.  
169. </fieldset>
170.  
171. </form>
172. <div class="clearfix"></div>
173.  
174. </div>
175. </div><!--/row-->
176.  
177. </div>
178.  
179. </div><!--/row-->
180.  
181. </div><!--/container-->
182.  
183.  
184. <!-- start: JavaScript-->
185. <!--[if !IE]>-->
186.  
187. <script src="assets/js/jquery-2.1.0.min.js"></script>
188.  
189. <!--<![endif]-->
190.  
191. <!--[if IE]>
192.  
193. <script src="assets/js/jquery-1.11.0.min.js"></script>
194.  
195. <![endif]-->
196.  
197. <!--[if !IE]>-->
198.  
199. <script type="text/javascript">
200. window.jQuery || document.write("<script src='assets/js/jquery-2.1.0.min.js'>"+"<"+"/script>");
201. </script>
202.  
203. <!--<![endif]-->
204.  
205. <!--[if IE]>
206.  
207. <script type="text/javascript">
208. window.jQuery || document.write("<script src='assets/js/jquery-1.11.0.min.js'>"+"<"+"/script>");
209. </script>
210.  
211. <![endif]-->
212. <script src="assets/js/jquery-migrate-1.2.1.min.js"></script>
213. <script src="assets/js/bootstrap.min.js"></script>
214.  
215.  
216. <!-- page scripts -->
217. <script src="assets/js/jquery.icheck.min.js"></script>
218.  
219. <!-- theme scripts -->
220. <script src="assets/js/custom.min.js"></script>
221. <script src="assets/js/core.min.js"></script>
222.  
223. <!-- inline scripts related to this page -->
224. <script src="assets/js/pages/login.js"></script>
225.  
226. <!-- end: JavaScript-->
227. </body>
228. </html>