API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 28th, 2017
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.18 KB | None | 0 0
raw download clone embed print report
  1. isset($_SESSION["admin"])&&$_SESSION["admin"]==true //this can pass
  2.  
  3. $conn = new PDO('mysql:host=localhost;port=3306;dbname=xxx' , 'xxx' , 'xxxx');
  4. $conn->setAttribute(PDO::ATTR_ORACLE_NULLS, true);
  5.  
  6. <form class="login" action="index.php" method="post">
  7. <span>account:</span><input type="text" name="username" /><br /><br />
  8. <span>password:</span><input type="password" name="password"/><br /><br />
  9. <span>verificationCode:</span><input type="text" name="code" /><img id="code" src="create_code.php" alt="another" style="cursor: pointer; vertical-align:middle;" onClick="create_code()"/><br /><br />
  10. <input type="submit" style="margin-left:35%" value="logon" /><input type="reset" value="" /> </div>
  11. </form>
  12.  
  13. <?php
  14. session_start();
  15. if(!isset($_GET['log_out']) && ($_POST['code'] != $_SESSION['code']))
  16. {
  17. echo "wrong verificationCode!<br />" . "<meta http-equiv='refresh' content='2;url=index.html'>";
  18. }
  19. if(!isset($_GET['log_out']))
  20. {
  21. $user = $_POST['username'];
  22. $pwd = $_POST['password'];
  23. if($user!=null & $pwd!=null)
  24. {
  25. try
  26. {
  27. $conn=new PDO('mysql:host=x.x.x.x;port=3306;dbname=hpc',$user,$pwd);
  28. }
  29. catch(PDOException $e)
  30. {
  31. echo "faile<br />".$e->getMessage()."<meta http-equiv='refresh' content='1;url=index.html'>";
  32. }
  33.  
  34. if($conn)
  35. {
  36. $_SESSION["admin"]=true;
  37. $stas = $conn->getAttribute(PDO::ATTR_CONNECTION_STATUS);
  38. .....
  39. echo "<script language='javascript' type='text/javascript'>";
  40. echo "window.location.href='http://xx.xx.xx.xx/repair_device.php'";
  41. echo "</script>";
  42. .....
  43. }
  44. }
  45. }
  46. ?>
  47.  
  48. <?php
  49. session_start();
  50. //create pic
  51. header("Content-type: image/png");
  52. .....
  53. $_SESSION['code'] = $verifyCode; //stor verification code in session
  54. ......
  55. ?>
  56.  
  57. <!DOCTYPE html>
  58. <html>
  59. <head>
  60. ......
  61. </head>
  62. <body>
  63. <?php
  64. session_start();
  65. // $conn = new PDO('mysql:host=localhost;port=3306;dbname=xxx' , 'xxx' , 'xxxx');
  66. //$conn->setAttribute(PDO::ATTR_ORACLE_NULLS, true);
  67. $admin=false;
  68. if(isset($_SESSION["admin"])&&$_SESSION["admin"]==true)
  69. {
  70. alert("testInDR");
  71. $sql = "select * from hpc_repairdevice order by datetime desc";
  72. ......
  73. $sel=$conn->query($sql);
  74. ......
  75. }
  76. ?>
  77. </body>
  78. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!