Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- user.php -->
- <?php
- session_start();
- ob_start();
- $user = 'admin';
- $pass = 'admin';
- $action = $_GET['action'];
- switch($action) {
- // Login.
- case 'login':
- $what = $_GET['what'];
- switch($what) {
- case 'process':
- $username = $_POST['username'];
- $password = $_POST['password'];
- $username = strip_tags($username);
- $password = strip_tags($password);
- $username = htmlspecialchars($username);
- $password = htmlspecialchars($password);
- if($username == $user && $password == $pass) {
- $agent = $_SERVER['HTTP_USER_AGENT'];
- $ip = $_SERVER['REMOTE_ADDR'];
- $_SESSION['login'] = 'admin';
- $_SESSION['agent'] = $agent;
- $_SESSION['ip'] = $ip;
- header('Location: index.php?action=admin');
- } else {
- echo '<p style="font-size: 12px;">Contraseña/Usuario incorrecto. Volver <a style="text-decoration: none;" href="index.php">atrás</a>';
- }
- break;
- // Login form.
- default:
- include('login_form.php');
- }
- break;
- // Logout.
- case 'logout':
- session_destroy();
- header('Location: index.php');
- break;
- // Admin page.
- case 'admin':
- if(isset($_SESSION['login'])) {
- $agent = $_SERVER['HTTP_USER_AGENT'];
- $ip = $_SERVER['REMOTE_ADDR'];
- if($agent == $_SESSION['agent'] && $ip == $_SESSION['ip']) {
- include('admin_page.php');
- } else {
- header('location: ?action=login');
- }
- } else {
- header('location: ?action=login');
- }
- break;
- default:
- include('login_form.php');
- }
- $page_content = ob_get_clean();
- include('layout.php');
- ?>
- <!-- admin_page.php -->
- <div class="login">
- <table border="0" width="100%" height="20px">
- <tr>
- <td align="right" valign="middle" style="padding-right: 8px;"><font style="font-size: 12px;">Conectado como: <?php echo $user; ?> | <a style="text-decoration: none;" href="index.php?action=logout">Salir</a></font>
- </td>
- </tr>
- </table>
- </div>
- <!-- login_form.php -->
- <div class="login">
- <table border="0" width="100%" height="20px">
- <tr>
- <td align="right" valign="middle" style="padding-right: 8px;">
- <form action="index.php?action=login&what=process" method="POST">
- <font style="font-size: 12px;">Usuario: </font>
- <input tabindex="1" type="text" name="username" size="15" style="width: 80px;" class="loginfield" />
- <font style="font-size: 12px;">Contraseña:</font>
- <input tabindex="1" type="password" name="password" size="15" style="width: 80px;" class="loginfield" />
- <input type="submit" value="Entrar" name="submit" class="loginbutton" />
- </form>
- </td>
- </tr>
- </table>
- </div>
- <!-- layout.php -->
- <div id="header">
- <div>
- <a href="index.php"><img src="img/banner.gif" height="110" border="0" /></a>
- </div>
- </div>
- <?php echo $page_content; ?>
Add Comment
Please, Sign In to add comment