API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 10th, 2016
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.54 KB | None | 0 0
raw download clone embed print report
  1. <html lang="he">
  2. <head>
  3. <meta charset="utf-8"/>
  4. </head>
  5. <?
  6. //מחזירה את הסיסמא המוצפנת
  7. function PASSWORDO($pass)
  8. {
  9. $pass=$pass[0].$pass.$pass[0]; // ("1234" => "112341") הצפנה 1:
  10. $pass=md5($pass); //מצפין את ההצפנה בשיטת md5
  11. return $pass; //מחזיר pass משתנה
  12. }
  13.  
  14. //בדיקת התאמת שם המשתמש והסיסמא
  15. function CheckUserPassword($user,$pass,$with_calc=true)
  16. {
  17. global $protect_user_group;
  18.  
  19. if ($user=="" || $pass=="") //אם השם משתמש או הסיסמא ריקים
  20. return false;
  21.  
  22. /*** התחברות למסד ***/
  23. $sql=@mysql_connect('sql307.000space.com','space_17351458','hpugrcho1') or die("<BR>ERROR: cannot connect to MySQL server!"); //מתחבר למסד
  24. @mysql_select_db("space_17351458_dbd",$sql) or die("<BR>ERROR: cannot use the DB!"); //בוחר מסד להתחברות
  25.  
  26. $c_pass=($with_calc==true)?PASSWORDO($pass):$pass; //calculates the password if needed
  27. $res=@mysql_query("SELECT user FROM user_pass WHERE (user_group='".$protect_user_group."' AND user='".$user."' AND pass='".$c_pass."')",$sql) or die("<BR>ERROR: incorrect query!");
  28.  
  29. if (mysql_num_rows($res)==1) //if we got a row, then we got a match
  30. return $c_pass; //returning a string of the password itself
  31. return false; //if we got to here, we got no row, then there is no match
  32.  
  33. @mysql_close($sql);
  34. }
  35.  
  36.  
  37. /************************/
  38. /*** The Main Program ***/
  39.  
  40. session_cache_limiter("nocache"); //sets the cache limiter for the session for the current script run (nocache => avoiding from the browser to save the content of the page in his cache, the page refreshes every time you enter)
  41. session_start(); //starting the session
  42.  
  43. if (!isset($protect_user_group))
  44. $protect_user_group=0;
  45.  
  46. if (!isset($_SESSION["auth_user_id".$protect_user_group]) && !isset($_SESSION["auth_password_id".$protect_user_group])) //if not authorized
  47. {
  48. $us=$_POST["auth_user_"];
  49. $ps=CheckUserPassword($_POST["auth_user_"],$_POST["auth_password_"]);
  50. if ($ps===false) //if user-password is not send or incorrect
  51. {
  52. echo "<DIV align=\"center\" dir=\"rtl\">\n\n";
  53. echo "<H2><FONT color=\"#CC0000\">דף מוגן !!!</FONT></H2><B>אינך מורשה לצפות בדף זה ללא היתר.</B><BR><BR>\n\n";
  54.  
  55. /* Displaying the User-Password Form: */
  56. ?>
  57.  
  58. <FORM action="<?= $_SERVER["PHP_SELF"]; ?>" method="POST">
  59. <TABLE width=200 cellpadding=5 cellspacing=0 border=0>
  60. <TR>
  61. <TD width=100>משתמש:</TD>
  62. <TD width=100><INPUT type="TEXT" name="auth_user_" value="<?= $us; ?>" style="width:95px;"></TD>
  63. </TR>
  64. <TR>
  65. <TD width=100>ססמא:</TD>
  66. <TD width=100><INPUT type="PASSWORD" name="auth_password_" style="width:95px;"></TD>
  67. </TR>
  68. <TR>
  69. <TD colspan=2 align="center"><INPUT type="SUBMIT" name="auth_button_enter" value=" הכנס "></TD>
  70. </TR>
  71. </TABLE>
  72. </FORM>
  73. <?
  74.  
  75. if (isset($_POST["auth_button_enter"])) //if the user-password form was submitted
  76. echo "<B><FONT color=\"#FF0000\">שם המשתמש והססמא שגויים!</FONT></B><BR><BR>\n";
  77.  
  78. echo "</DIV>\n\n";
  79. exit(); //stop the script, avoiding from sending the contents of the page
  80. }
  81. else //if the user-password that was entered is correct
  82. {
  83. $_SESSION["auth_user_id".$protect_user_group]=$us; //saves session variable
  84. $_SESSION["auth_password_id".$protect_user_group]=$ps; //saves session variable
  85. header("Location: "."/secondpage.php"); //reloading the page again, to avoid from the POST data of the form to be sent again on refresh
  86.  
  87. }
  88. }
  89. elseif (CheckUserPassword($_SESSION["auth_user_id".$protect_user_group],$_SESSION["auth_password_id".$protect_user_group],false)===false) //checking the user-password from the session
  90. {
  91. /* If we got to here, then there are user and password saved in the session, but they do not match. */
  92. echo "<DIV align=\"center\" dir=\"rtl\"><H2><FONT color=\"#CC0000\">אינך מורשה להכנס לדף זה !!!</FONT></H2></DIV>\n";
  93. exit(); //stop the script
  94. }
  95. elseif ($_GET["logout"]=="true") //if we want to logout
  96. {
  97. session_unset("auth_user_id".$protect_user_group); //removing a session variable
  98. session_unset("auth_password_id".$protect_user_group); //removing a session variable
  99. header("Location: "."/firstpage.php"); //reloading the page again, to display the user-password form
  100. }
  101.  
  102. /* If you got to here, then you are authorized! */
  103.  
  104. ?>
  105. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!