admin_verify.php
<?php
// session_start();
// if(!isset($_POST['submit'])){
// echo "Something wrong! Check again!";
// exit;
// }
// require_once "./functions/database_functions.php";
// $conn = db_connect();
// $name = trim($_POST['name']);
// $pass = trim($_POST['pass']);
// if($name == "" || $pass == ""){
// echo "Name or Pass is empty!";
// exit;
// }
// $name = mysqli_real_escape_string($conn, $name);
// $pass = mysqli_real_escape_string($conn, $pass);
// $pass = sha1($pass);
// // get from db
// $query = "SELECT name, pass from admin";
// $result = mysqli_query($conn, $query);
// if(!$result){
// echo "Empty data " . mysqli_error($conn);
// exit;
// }
// $row = mysqli_fetch_assoc($result);
// if($name != $row['name'] && $pass != $row['pass']){
// echo "Name or pass is wrong. Check again!";
// $_SESSION['admin'] = false;
// exit;
// }
// else
// {
// if(isset($conn)) {mysqli_close($conn);}
// $_SESSION['admin'] = true;
// header("Location: admin_book.php");
// }
?>
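<?php
/**
 * Admin login handler.
 *
 * Checks the posted `name` / `pass` pair against the `admin` table and, when
 * exactly one row matches, marks the session as admin and redirects to
 * admin_book.php. Any other outcome sends the browser back to admin.php with
 * an alert.
 *
 * Security notes:
 *  - The lookup is a prepared statement with bound parameters, so the posted
 *    values never become part of the SQL text (the previous version
 *    interpolated them into the query string, which allowed SQL injection and
 *    therefore a login bypass).
 *  - NOTE(review): the query compares `pass` with the submitted value
 *    directly, so the column presumably holds plaintext passwords. Moving to
 *    password_hash()/password_verify() needs a migration of the stored values
 *    and cannot be done from this file alone.
 *  - NOTE(review): the connection uses the MySQL root account with an empty
 *    password. Prefer a least-privilege account whose credentials are loaded
 *    from configuration kept outside the web root.
 *  - NOTE(review): nothing in this file limits repeated failed attempts or
 *    checks a CSRF token; confirm whether that is handled elsewhere.
 */
session_start();

if (isset($_POST['submit'])) {
    // A missing field or a non-string value (e.g. name[]=x) is treated as empty
    // instead of being passed to trim(), which would raise an error.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : "";
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? trim($_POST['pass']) : "";

    if ($name === "" || $pass === "") {
        echo "<script type='text/javascript'>alert('Name or Pass is empty!');window.location.href='admin.php';</script>";
        exit;
    }

    // `new mysqli(...)` always yields an object, so the old `if(!$conn)` check
    // could never detect a failed connection. Make mysqli throw instead, so a
    // failed connect/prepare/execute cannot be silently ignored.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

    try {
        $conn = new mysqli("localhost", "root", "", "www_project");

        // Only the number of matching rows is needed, so no columns are fetched.
        $stmt = $conn->prepare("SELECT 1 FROM admin WHERE name = ? AND pass = ?");
        $stmt->bind_param("ss", $name, $pass);
        $stmt->execute();
        $stmt->store_result();
        $cnt = $stmt->num_rows;

        $stmt->close();
        $conn->close();
    } catch (mysqli_sql_exception $e) {
        // Keep driver details in the server log; the client gets a generic message.
        error_log("admin_verify: database error: " . $e->getMessage());
        http_response_code(500);
        die("Connection failed");
    }

    if ($cnt === 1) {
        // Issue a fresh session id at the privilege change so a session id
        // planted before login (session fixation) does not become an admin session.
        session_regenerate_id(true);
        $_SESSION['admin'] = true;
        header("Location: admin_book.php");
        // Stop here so nothing else is emitted after the redirect header.
        exit;
    }

    $_SESSION['admin'] = false;
    echo "<script type='text/javascript'>alert('Name or pass is wrong. Check again!');window.location.href='admin.php';</script>";
    exit;
}
?>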
<script type="text/javascript"></script>