Your IP : 216.73.216.40
<!DOCTYPE html>
<?php
ob_start();
?>
<?php
require_once("includes/functions.php");
require_once("includes/session.php");
require_once("includes/header.php");
require_once("includes/ContentSanitize.class.php");
$san = new Sanitize();
?>
<?php
if (logged_in("user")) {
header("Location: user.php");
}
if (logged_in("admin")) {
header("Location: admin.php");
}
if (isset($_POST['submit'])) {
echo "logging in ";
extract($_POST);
$uid = $san->cleanString($uid);
$pwd = $san->cleanString($pwd);
echo $uid . " ...";
if(chk_admin($uid, $pwd, $dbh) == 1) {
$_SESSION['uid'] = $uid;
$_SESSION['type'] = "admin";
$_SESSION['crypted'] = crypt($uid, encryption($uid, $_SESSION['type']));
header("Location: admin.php");
} else if(chk_user($uid, $pwd, $dbh) == 1) {
$_SESSION['uid'] = $uid;
$_SESSION['type'] = "user";
$_SESSION['crypted'] = crypt($uid, encryption($uid, $_SESSION['type']));
header("Location: user.php");
} else {
header("Location: login.php?login_attempt=1");
}
} else {
$uid = "";
$pwd = "";
}
?>
<html>
<head>
<title>TELE</title>
</head>
<body align="center">
<?php
$message = "LOGIN";
if (isset($_GET['logout']) and $_GET['logout'] == 1) {
$message = "You have been successfully logged out.";
} else if (isset($_GET['login_attempt']) and $_GET['login_attempt'] == 1) {
$message = "Unknown Username and Password Combination/ Not authorized to login.";
}
echo $message;
?>
<br><br>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
<table align="center">
<tr>
<td>Username :</td>
<td><input type="text" name="uid" required=""></td>
</tr>
<tr>
<td>Password :</td>
<td><input type="password" name="pwd" required=""></td>
</tr>
<tr>
<td colspan=2><input id="button-style1" name="submit" type="submit" value="Login"></td>
</tr>
</table>
</form>
<br><br>
By: Gaurav Bansal
</body>
</html>
<?php
ob_end_flush();
?>