Current location: Hot Scripts Forums » Programming Languages » PHP » Modify a script (urgent)


Modify a script (urgent)

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 06-18-04, 08:35 PM
Henry's Avatar
Henry Henry is offline
Wannabe Coder
  
Join Date: Jul 2003
Location: Brisbane, Australia
Posts: 218
Thanks: 0
Thanked 0 Times in 0 Posts
Modify a script (urgent)
hello

ive come across this awesome script on the net and its almost perfect except for one fault it only lets me have one username and pasword. is there any way some one could edit it so it would allow more the one username and pasword.

to find the script go to the url below:

http://www.phpbuddy.com/article.php?id=23

or read it here:

PHP Code:

<?php

# Simple password protection

#

# (c) [url]http://www.phpbuddy.com[/url]
# Author: Ranjit Kumar

# Feel free to use this script but keep this message intact!



# To protect a page include this file in your PHP pages!



session_start();



$admin_user_name "admin"

$admin_password "pass";

//you can change the username and password by changing the above two strings 



if (!isset($HTTP_SESSION_VARS['user'])) {

    

    if(isset($HTTP_POST_VARS['u_name'])) 

        $u_name $HTTP_POST_VARS['u_name'];

    

    if(isset($HTTP_POST_VARS['u_password'])) 

        $u_password $HTTP_POST_VARS['u_password'];

    

    if(!isset($u_name)) {

        ?>

        <HTML>

        <HEAD>

        <TITLE><?php echo $HTTP_SERVER_VARS['HTTP_HOST']; ?> : Authentication Required</TITLE>

        </HEAD>

        <BODY bgcolor=#ffffff>

        <table border=0 cellspacing=0 cellpadding=0 width=100%>

             <TR><TD>

             <font face=verdana size=2><B>(Access Restricted to Authorized Personnel)</b> </font></td>

             </tr></table>

        <P></P>

        <font face=verdana size=2>

        <center>

        <?php

        $form_to "http://$HTTP_SERVER_VARS[HTTP_HOST]$HTTP_SERVER_VARS[PHP_SELF]";

        

        if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))

        $form_to $form_to ."?"$HTTP_SERVER_VARS["QUERY_STRING"];

        

        ?>

        <form method=post action=<?php echo $form_to?>>

        <table border=0 width=350>

        <TR>

        <TD><font face=verdana size=2><B>User Name</B></font></TD>

        <TD><font face=verdana size=2><input type=text name=u_name size=20></font></TD></TR>

        <TR>

        <TD><font face=verdana size=2><B>Password</B></font></TD>

        <TD><font face=verdana size=2><input type=password name=u_password size=20></font></TD>

        </TR>

        </table>

        <input type=submit value=Login></form>

        </center>

        </font>

        </BODY>

        </HTML>

        

        <?php

        exit;

    }

    else {

        

        function login_error($host,$php_self) {

            echo "<HTML><HEAD>

            <TITLE>$host :  Administration</TITLE>

            </HEAD><BODY bgcolor=#ffffff>

            <table border=0 cellspacing=0 cellpadding=0 width=100%>

                 <TR><TD align=left>

                 <font face=verdana size=2><B>  You Need to log on to access this part of the site! </b> </font></td>

                 </tr></table>

            <P></P>

            <font face=verdana size=2>

            <center>";

                        

            echo "Error: You are not authorized to access this part of the site!

            <B><a href=$php_self>Click here</a></b> to login again.<P>

            </center>

            </font>

            </BODY>

            </HTML>";

            session_unregister("adb_password");

            session_unregister("user");

            exit;

        }

        

        $user_checked_passed false;

        

        

        if(isset($HTTP_SESSION_VARS['adb_password'])) {

            

            $adb_session_password $HTTP_SESSION_VARS['adb_password'];

            $adb_session_user $HTTP_SESSION_VARS['user'];

            

        

            if($admin_password != $adb_session_password

                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);

            else {

                $user_checked_passed true;

            }

        }

        

        

        if($user_checked_passed == false) {

            

            if(strlen($u_name)< 2

                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);



                         if($admin_user_name != $u_name//if username not correct

                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);    

            

            if(isset($admin_password)) {

                

                if($admin_password == $u_password) {

                    

                    session_register("adb_password");

                    session_register("user");

                    

                    $adb_password $admin_password;

                    $user $u_name;

                }

                else { //password in-correct

                    login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);

                }

            }

            else {

                login_error($HTTP_SERVER_VARS['HTTP_HOST'],$HTTP_SERVER_VARS['PHP_SELF']);

            }

                

            $page_location $HTTP_SERVER_VARS['PHP_SELF'];

            if(isset($HTTP_SERVER_VARS["QUERY_STRING"]))

            $page_location $page_location ."?"$HTTP_SERVER_VARS["QUERY_STRING"];

            

            header ("Location: "$page_location);

        }

    }

}

?>
__________________
henerz
Reply With Quote
  #2 (permalink)  
Old 06-19-04, 01:22 AM
<?Wille?> <?Wille?> is offline
Junior Code Guru
  
Join Date: Jan 2004
Location: Helsinki, Finland
Posts: 666
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Henry
hello

ive come across this awesome script on the net and its almost perfect except for one fault it only lets me have one username and pasword. is there any way some one could edit it so it would allow more the one username and pasword.
that script doesint use any kind of database.. editing it would not be the smartest thing.. writing a own login script would..
if you have mysql you can use my script:
PHP Code:

<?

session_start();

    header"Last-Modified: " gmdate("D, d M Y H:i:s") . " GMT" );

    header"Cache-Control: no-cache, must-revalidate" );

    header"Pragma: no-cache" );



?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>

<title>Login</title>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

</head>



<body>

<?

if (!isset($_POST['submit'])):

?>

<form action="<?=$_SERVER['PHP_SELF']?>" method="post" name="login">

  Username:<br>

<input type="text" name="name"><br>

  Password:<br>

<input type="password" name="pwd"><br>

<input type="submit" name="submit" value="Log in">

<input type="reset" name="reset" value="Reset">

</form>



<?

else:



require("connect.php");



$name $_POST['name'];

$pwd $_POST['pwd'];

    

$sql mysql_query("SELECT pwd FROM member WHERE name = '$name'");

$fetch mysql_fetch_array($sql);

$numrows mysql_num_rows($sql);



session_register("valid_user");



if($numrows != "0" && md5($pwd) == $fetch["pwd"]){ 

    $valid_user "1"
} else {

    $valid_user "0";

}

    

    if ($valid_user == "1") {

        echo "<meta http-equiv='refresh' content='1; url=adminpage.php'>";

    } else {

        die ("Error 401<br><h3> UNAUTHORIZED </h3>");

    }

    

endif;



?>



</body>

</html>
this requires that you have a mysql database where you have a table with columns
name (text or varchar()) not null primary key,
pwd varchar(32) not null <-- 32 becourse of md5()

insert one manually via command promt or whatever and make a user management page or insert all manyally
insert into members set name="admin", pwd=md5("password");

then to all protected pages you insert this code:
PHP Code:

<? 

session_start();

if ($_SESSION['valid_user'] == 1): 

$logoutAction $_SERVER['PHP_SELF']."?doLogout=true";

if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){

  $logoutAction .="&"htmlentities($_SERVER['QUERY_STRING']);

}



if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){

  //to fully log out a visitor we need to clear the session varialbles

  session_unset();

  session_destroy();

    

  $logoutGoTo "paasivu.html";

  if ($logoutGoTo) {

    echo ("Logging out...");

    echo "<meta http-equiv='refresh' content='2; url=$logoutGoTo'>";

    exit;

  }

}



//

// page contetnt

//

echo("<a href=\"$logoutAction\">Log out</a>"); // logout link



else:

echo("You dont have rights to view this page.<br> please <a href=\"login.php\">log in</a>");

endif;

?>
hope i helped
Wille
Reply With Quote
Reply

Bookmarks

« Please Help me Get rid of this parse error | Gallery Help - Fatal error »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Help with my largest perl script. Grabbing data from a file. Sunnmann Perl 2 04-23-08 03:27 AM
Looking for a good review management script griz_fan Script Requests 10 07-29-07 05:08 AM
Is there any integrity of script rankings? webmaster@atmanager.com Hot Scripts Forum Questions, Suggestions and Feedback 17 08-06-04 12:12 AM
Urgent: Need PHP script niceguyonline Script Requests 0 02-28-04 01:44 AM
Affiliate script (PHP) whtiebear Job Offers & Assistance 2 12-21-03 12:12 AM


All times are GMT -5. The time now is 05:03 AM.
vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.