PDA

View Full Version : admin login system


afnan
10-20-2011, 02:16 AM
hi gues,

how are they?

I wanna go to create PHP admin login system,

index.php

<?php
session_start();
if(!isset($_SESSION["mangre"])){
header("location:admin_login.php");
exit();
}
//this manger session value is in fact in the database
$managerID = preg_replace('#[^0-9]#i','',$_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if ($existCount == 0){
echo"Your login session is not on record in the database";
exit();
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>homeadmin</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" />
</head>
<body>
<div align="center" id="mainwrraper">
<?php include_once("../template_header.php");?>
<div id="content"> admin store

<h1>Every thing Will be Good at the end </h1> </div>
<?php include_once("../template_footer.php");?>
</div>
</body>
</html>


admin_login.php
<?php
session_start();
if(!isset($_SESSION["managre"])){
header("location:index.php");
exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log in"
if(isset($_POST["username"])&&isset($_POST["password"])) {

$manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]); //Filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]); //Filter everything but numbers and letters
//Connect to the MySQL Database
include"../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password'LIMIT 1");//query the person
$existCount = mysql_num_rows($sql); //count the row numbers
if ($existCount == 1){ //evaluate the count
while ($row = mysql_fetch_array($sql)) {
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location:index.php");
exit();
} else{
echo'there is a wrong, try again';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>homeadmin</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" />
</head>
<body>
<div align="center" id="mainwrraper">
<?php include_once("../template_header.php");?>
<div id="content">
<p>admin store </p>
<form id="form1" name="form1" method="post" action="admin_login.php">
<p>
<label for="username">username</label>
<input type="text" name="username" id="username" />
</p>
<p>
<label for="password">password</label>
<input type="text" name="password" id="password" />
<p>
<input type="submit" value="Submit" />
</form>
<p>&nbsp;</p>
</div>
<?php include_once("../template_footer.php");?>
</div>
</body>
</html>


but when I open admin_login.php in firefox , and enter username and password , it not go index.php :confused::confused::confused:

I don't know what's the problem !!

all the fill in the same folder.

help me please

Corrosive
10-20-2011, 06:35 AM
Typo;

session_start();
if(!isset($_SESSION["managre"])){
header("location:index.php");
exit();
}

The session is called 'manager'.

afnan
10-20-2011, 04:49 PM
so, where is the mistake !!!

Corrosive
10-20-2011, 04:52 PM
In the code I posted above.

afnan
10-20-2011, 04:57 PM
index.php
session_start();
if(!isset($_SESSION["mangre"])){
header("location:admin_login.php");
exit();
}admin_login.php


session_start();
if(!isset($_SESSION["managre"])){
header("location:index.php");
exit();
}your answer

session_start();
if(!isset($_SESSION["managre"])){
header("location:index.php");
exit();
}

tell me exatly, where is the mistake.

I don't see any differane between my code and your code

Corrosive
10-20-2011, 05:07 PM
I didn't update the code for you I just pointed out that 'manager' was spelt incorrectly. I even made the typo bold so you'd see it.

afnan
10-20-2011, 05:27 PM
ok.
now, "manager" is correct.

index.php
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location:admin_login.php");
exit();
}
//this manger session value is in fact in the database
$managerID = preg_replace('#[^0-9]#i','',$_SESSION["id"]);
$manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]);
$password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]);

include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if ($existCount == 0){
echo"Your login session is not on record in the database";
exit();
}
?>admin_login.php
<?php
session_start();
if(!isset($_SESSION["manager"])){
header("location:index.php");
exit();
}
?>
<?php
//Parse the log in form if the user has filled it out and pressed "Log in"
if(isset($_POST["username"])&&isset($_POST["password"])) {

$manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]); //Filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]); //Filter everything but numbers and letters
//Connect to the MySQL Database
include"../storescripts/connect_to_mysql.php";
$sql=mysql_query("SELECT id FROM admin WHERE username='$manager' AND password='$password'LIMIT 1");//query the person
$existCount = mysql_num_rows($sql); //count the row numbers
if ($existCount == 1){ //evaluate the count
while ($row = mysql_fetch_array($sql)) {
$id = $row["id"];
}
$_SESSION["id"] = $id;
$_SESSION["manager"] = $manager;
$_SESSION["password"] = $password;
header("location:index.php");
exit();
} else{
echo'there is a wrong, try again';
}
}
?>if I'm open admin_login.php, see what happen

http://www7.0zz0.com/2011/10/20/17/389006885.jpg


then, when I press Submit ,

http://www4.0zz0.com/2011/10/20/17/286128022.jpg

, I want open index.php when I press submit button


help me please

edbr
10-21-2011, 01:14 AM
did you write this script?

davidj
10-27-2011, 01:58 PM
@ed I dont think so!

Where is your form action pointing?