PHP Admin Login Issue
Posted: Thu Apr 19, 2007 11:40 am
Hello all,
I have hit a wall
. Now let me start off by saying i DO NOT know php. I have the ability to understand patterns and manipulate but i just haven't had the experience yet to really know what i'm doing. I have a program i found and have manipulated that is basically a 'help desk' ticketing application, that will allow me to better manage things at work in my department. I currently have this hosted through a computer with XP using the Apache Web Suite Developer.
The Problem:
When i go to the 'admin login' and try to login, it doesn't work. I get a thing saying "Your session has expired, please login using the form below." (that is just from the language file). Because i really don't know what to do, i've included the part i THINK of the code that would be dedicated to this. If there is more that i can provide, or question i can answer to be able to make this better understood please don't hesitate, i've been trying so hard to get this to work.
I have hit a wall
The Problem:
When i go to the 'admin login' and try to login, it doesn't work. I get a thing saying "Your session has expired, please login using the form below." (that is just from the language file). Because i really don't know what to do, i've included the part i THINK of the code that would be dedicated to this. If there is more that i can provide, or question i can answer to be able to make this better understood please don't hesitate, i've been trying so hard to get this to work.
define('IN_SCRIPT',1);
/* Get all the required files and functions */
require_once('hesk_settings.inc.php');
require_once('language/'.$hesk_settings['language'].'.inc.php');
require_once('inc/common.inc.php');
hesk_session_start();
require_once('inc/database.inc.php');
hesk_dbConnect() or hesk_error("$hesklang[cant_connect_db] $hesklang[contact_webmsater] $hesk_settings[webmaster_mail]!");
/* What should we do? */
$action=hesk_input($_REQUEST['a']) or $action='login';
if ($action == 'login') {print_login();}
elseif ($action == 'do_login') {do_login();}
elseif ($action == 'logout') {logout();}
else {hesk_error($hesklang['invalid_action']);}
/* Print footer */
require_once('inc/footer.inc.php');
exit();
/*** START FUNCTIONS ***/
function do_login() {
global $hesklang;
$user=hesk_isNumber($_POST['user'],$hesklang['select_username']);
$pass=hesk_input($_POST['pass'],$hesklang['enter_pass']);
$sql = "SELECT * FROM `hesk_users` WHERE `id`=$user LIMIT 1";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
$_SESSION=hesk_dbFetchAssoc($result);
/* Check password */
if ($pass != $_SESSION['pass']) {
hesk_session_stop();
hesk_error($hesklang['wrong_pass']);
}
session_regenerate_id();
/* Get allowed categories */
if (empty($_SESSION['isadmin'])) {
$cat=substr($_SESSION['categories'], 0, -1);
$_SESSION['categories']=explode(",",$cat);
}
if ($url=hesk_input($_REQUEST['goto'])) {
Header("Location: $url");
} else {
Header("Location: admin_main.php");
}
exit();
} // End do_login()
function print_login() {
require_once('inc/header.inc.php');
global $hesk_settings, $hesklang;
?>
<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<?php echo $hesklang['admin_login']; ?><br> </p>
</td>
</tr>
<tr>
<td>
<p> </p>
<h3 align="center"><?php echo $hesklang['login']; ?></h3>
<?php
if ($_REQUEST['notice']) {
echo "<p align=\"center\" class=\"important\">$hesklang[session_expired]</p>";
}
?>
<form action="admin.php" method="POST">
<div align="center">
<center>
<table border="0" cellspacing="1" cellpadding="5">
<tr>
<td align="right"><?php echo $hesklang['user']; ?>: </td>
<td><select name="user">
<?php
$sql = "SELECT * FROM `hesk_users`";
$result = hesk_dbQuery($sql) or hesk_error("$hesklang[cant_sql]: $sql</p><p>$hesklang[mysql_said]:<br>".mysql_error()."</p><p>$hesklang[contact_webmsater] $hesk_settings[webmaster_mail]");
while ($row=hesk_dbFetchAssoc($result))
{
echo "
<option value=\"$row[id]\">$row[user]</option>
";
}
?>
</select></td>
</tr>
<tr>
<td align="right"><?php echo $hesklang['pass']; ?>: </td>
<td><input type="password" name="pass"></td>
</tr>
</table>
</center>
</div>
<p align="center"><input type="hidden" name="a" value="do_login">
<?php
if ($url=hesk_input($_REQUEST['goto'])) {
echo "<input type=\"hidden\" name=\"goto\" value=\"$url\">";
}
?>
<input type="submit" value="<?php echo $hesklang['login']; ?>" class="button"></p>
</form>
<?php
} // End print_login()
function logout() {
require_once('inc/header.inc.php');
global $hesk_settings, $hesklang;
hesk_session_stop();
?>
<p class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>"
class="smaller"><?php echo $hesk_settings['site_title']; ?></a> >
<?php echo $hesklang['logged_out']; ?><br> </p>
</td>
</tr>
<tr>
<td>
<p> </p>
<h3 align="center"><?php echo $hesklang['logout']; ?></h3>
<p> </p>
<p align="center"><?php echo $hesklang['logout_success']; ?></p>
<p> </p>
<p align="center"><a href="admin.php"><?php echo $hesklang['click_login']; ?></a></p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<?php
require_once('inc/footer.inc.php');
exit();
} // End logout()
?>