Help me

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
arjunkr
Forum Newbie
Posts: 1
Joined: Wed Nov 24, 2010 10:20 am

Help me

Post by arjunkr »

I am not able to login as admin. below is the code
please help me to disable admin check

<?php
session_start( );
include_once( dirname( __FILE__ )."/../inc/func/get_sth.php" );
include_once( _ABSPATH_."/inc/func/header.php" );
if ( $_GET["f"] == "login" )
{
$adminuser = strtolower( strip_tags( trim( $_POST["adminuser"] ) ) );
$r_0 = strtolower( strip_tags( trim( $_SESSION["r"] ) ) );
$r_1 = strtolower( strip_tags( trim( $_POST["r"] ) ) );
if ( $r_0 == $r_1 )
{
$result = mysql_query( "SELECT password FROM admin where adminuser='".$adminuser."'" );
$val = mysql_fetch_array( $result );
if ( !$val["password"] )
{
$loginfail = 1;
}
else
{
if ( $val[password] === md5( $_POST["password"] ) )
{
$_SESSION['admin'] = $adminuser;
header( "Location: ./" );
exit( );
}
$loginfail = 1;
}
}
else
{
$loginfail = 2;
}
}
$page_title = l( "Administration Login" )." | ".get_sitename( );
$smarty->assign( "page_title", $page_title );
$smarty->assign( "loginfail", $loginfail );
$smarty->display( "mgt/login.tpl" );
?>
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Re: Help me

Post by Christopher »

One problem is that you are using mysql_fetch_array() when you should be using mysql_fetch_assoc(). Also, you can check if the password also matches in your SQL statement.
(#10850)
Post Reply