My problem is as follows: the site contains an administration panel, but it seems that i can't login although i have populated the "admin" table with the necessary fields(username and password) as the below picture illustrates. I have also posted all the codes from the administration folder.

index.php
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Libraria ToraiBooks</title>
<style type="text/css">
body, p, td {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:12px; }
h1 {font-family:"Times New Roman", Times, serif; font-size:18px; font-weight:bold; color:#336699; font-style:italic;}
.titlu {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:14px; font-weight:bold; color:#0066CC; }
.back {border-style:outset; border-color:#000000; background-color:#FFFFFF; height:300px; background-color:#E1F0F0; margin-left:25%; margin-right:25%; }
.title {color:#003300; font:"Times New Roman", Times, serif; text-align:center; font-size:34px;}
</style>
</head>
<body class="back">
<p class="title"><img src="pictures/adminlogo.png" width=343 height=49/></p>
<h1> Autentificare Administrator</h1>
<form action="login.php" method="post">
<table>
<tr>
<td align="right">Nume: </td>
<td><input type="text" name="nume" /></td>
</tr>
<tr>
<td align="right">Parola: </td>
<td><input type="password" name="parola" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Autentificare" /></td>
</tr>
</table>
</form>
</body>
</html>Code: Select all
<?php
if (($_POST['nume'] == "") || ($_POST['parola'] == ""))
{
print 'Username or password is missing!<br>
<a href="index.php"><< Inapoi </a>';
exit;
}
include("../conectare.php");
$parolaEncriptata = md5($_POST['parola']);
$sql = "SELECT * FROM admin WHERE admin_nume='".$_POST['nume']."' AND admin_parola='".$parolaEncriptata."'";
$resursa = mysql_query($sql);
if (mysql_num_rows($resursa) != 1)
{
print 'Wrong username or password!<br>
<a href="index.php">Inapoi</a>';
exit;
}
session_start();
$_SESSION['nume_admin'] = $_POST['nume'];
$_SESSION['parola_encriptata'] = $parolaEncriptata;
$_SESSION['key_admin'] = session_id();
header("location: ../administrare/admin.php");
?>Code: Select all
<?php
session_start();
if ($_SESSION['key_admin'] != session_id())
{
print 'Unauthorized access!';
exit;
}
include("../conectare.php");
$sql = "SELECT * FROM admin WHERE admin_nume='".$_SESSION['nume_admin']."' AND admin_parola='".$_SESSION['parola_encriptata']."'";
$resursa = mysql_query($sql);
//daca nu afiseaza un singur rand inseamna ca ceva nu este in ordine si oprim imediat executia
if (mysql_num_rows($resursa) != 1)
{
print 'Acces neautorizat';
}
?>
Code: Select all
<?php
include("autorizare.php");
include("admin_top.php");
?>Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Libraria ToraiBooks</title>
<style type="text/css">
body, p, td {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:12px; }
h1 {font-family:"Times New Roman", Times, serif; font-size:18px; font-weight:bold; color:#336699; font-style:italic;}
.titlu {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:14px; font-weight:bold; color:#0066CC; }
.back {border-style:outset; border-color:#000000; background-color:#FFFFFF; height:700px; background-color:#E1F0F0; margin-left:21%; margin-right:21%; }
.title {color:#003300; font:"Times New Roman", Times, serif; text-align:center; font-size:34px;}
</style>
</head>
<body class="back">
<p class="title"><a href="admin.php"><img src="pictures/adminlogo.png" width=343 height=49 border="0"/></a></p>
<table width="525" border="1" cellpadding="4" cellspacing="0" bgcolor="#F9F1E7" align="center">
<tr align="center">
<td width="88"><a href="adaugare.php">Adauga</a></td>
<td width="151"><a href="modificare_stergere.php">Modifica sau sterge</a></td>
<td width="128"><a href="opinii.php">Opinii vizitatori</a></td>
<td width="116"><a href="comenzi.php">Comenzi</a></td>
</tr>
</table>