home made CMS - works in old layout not new.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
gaogier
Forum Contributor
Posts: 391
Joined: Wed Mar 02, 2005 1:02 pm
Location: Portsmouth, UK
Contact:

home made CMS - works in old layout not new.

Post by gaogier »

hello

The CMS admin panel will not work in the new layout, it keeps saying that i need to login.

The only thing i have changed is, header to diffhead (which you can see in the code now) and difffooter from footer.

Code: Select all

<?php
include ('diffhead.inc');
 
if(isset($_POST['submit'])){
    if(empty($_POST['username'])){
        $username = FALSE;
        $message = '<table width=98% bgcolor=#faf5f4 class=logfail align=center><tr>
                            <td width=40><img src=images/exclamation.gif></td>
                            <td align=left>
                            <B>Login Failed!</B> <BR>
                            No username entered.
                            <BR>Please Try again<br />
                            </table><br /><br />';
    }else{
        $username = escape_data($_POST['username']);
    }
    if(empty($_POST['password'])){
        $password = FALSE;
        $message1 = '<br /><table width=98% bgcolor=#faf5f4 class=logfail align=center><tr>
                            <td width=40><img src=images/exclamation.gif></td>
                            <td align=left>
                            <B>Login Failed!</B> <BR>
                            No password entered.
                            <BR>Please Try again<br />
                            </table><br /><br />';
    }else{
        $password1 = escape_data($_POST['password']);
        $password = md5($password1);        
    }
    //echo $password1 .' ' .$password. ' ' .$username;
    if($username && $password){
        require_once ('../mysql1_connect1.php');
        $query = "SELECT user_id, username, user_email, user_active, user_password, user_sitemod FROM phpbb_users WHERE username='$username' AND user_password='$password' AND user_sitemod = '1'";
        $result = mysql_query ($query);
        $row = mysql_fetch_array ($result);
        if(mysql_num_rows($result) > 0)
                {
                    $_SESSION['user_sitemod'] = $row['user_sitemod'];
                    $_SESSION['user_avatar'] = $row['user_avatar'];
                    $_SESSION['user_email'] = $row['user_email'];
                    $_SESSION['username'] = $row['username'];
                    $_SESSION['user_id'] = $row['user_id'];
                    //ob_end_clean();
                //  include('diffhead.inc');
                    include ('admin.inc');
                    echo '<p>You\'ve logged in successfully.</p>';
                    include('difffooter.inc');
                }else{
                    $message = '<table width=98% bgcolor=#faf5f4 class=logfail align=center><tr>
                            <td width=40><img src=images/exclamation.gif></td>
                            <td align=left>
                            <B>Login Failed!</B> <BR>
                            The login combination you entered was not found. 
                            <BR>Please Try again<br />
                            </table><br /><br />';      
                    }
    
    
    }
}
 
echo '<font face=verdana size=2 color=#3FC7C9> <b>Login</b></font><br /><br />'.$message.$message1.'
Your browser must allow cookies in order to login.<br />';
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
                            <table width=98% bgcolor=#f5f8ff class=blueborder align=center><tr>
                            <td width=40><img src=images/keylogin.gif></td>
                            <td align=right>                            
                            <B>Username:</B> <br /><br />
                            <B>Password:</B> <br /></td>
                            <td align=left>
                            <input type="text" name="username" size="10" maxlength="20" class="login" value ="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" />&nbsp;&nbsp;<small><i>Please enter your username</small></i><br /><br />                          
                            <input type="password" name="password" size="20" maxlength="20" class="login"/>&nbsp;&nbsp;<small><i>Please enter your password</small></i></td></tr>
                            <tr><td width=40></td><td align="center"><input type="submit" name="submit" class="login" value="Login" /></td></tr>
                            </table><br /><br />
</form>
<?php
include ('difffooter.inc');
?>
it is not giving the error message... but if you change all the diffhead back to header and difffooter back to footer it will work... why?
User avatar
andym01480
Forum Contributor
Posts: 390
Joined: Wed Apr 19, 2006 5:01 pm

Re: home made CMS - works in old layout not new.

Post by andym01480 »

no session_start() and you are not checking for the user already being logged in by checking the session. You seem to be checking the form is submitted each time it runs. And if you had logged in already, it would ask you to login because you are not posting the form each time!

Plus Without posting the different headers and footers we wouldn't be able to spot anything!

You could do with tabulating your if statements to make it easier to read too.
Post Reply