Hi all.
I had a guy overseas code this for me and he didn't remove the login function. Can some one look at this and advise how I can get rid of the login part of this. For some reason he has fallen off the face of the earth and I can't get ahold of him. When I asked him to remove it he told me to add this line to the bottom of the dsn.php script. <link rel=\"STYLESHEET\" type=\"text/css\" href=\"../css.css?\">
I entered it but I get a parse error. Here's the dsn and the verify scripts that he sent me. All of the scripts seem to work fine otherwise.
dsn.php
<?php
$mydb_cn = @mysql_connect ('localhost', 'root', ''); //Set your password here
$sitePath = "/"; // Set your site path, if it is hosted then it will be only "/"
$rootPath = "/var/ //Set full path of your server
if (!$mydb_cn) {
echo ("<p> Database unavailable....</p>");
exit();
}
if (! @mysql_select_db ("cqi", $mydb_cn) ){
echo ("<p>Unable to connect to Database</p>");
mysql_close($mydb_cn);
exit();
}
include_once("$rootPath/getglobal.php");
?>
verify.php<?
session_start();
echo "
<link rel=\"STYLESHEET\" type=\"text/css\" href=\"../css.css?\">
";
include_once("dsn.php");
$sesMemberId = @$HTTP_SESSION_VARS["sesMemberId"];
global $QUERY_STRING, $PHP_SELF;
if (strlen(trim(@$HTTP_SESSION_VARS["sesMemberId"])) == 0) {
$login = @$HTTP_POST_VARS["login"];
$password = @$HTTP_POST_VARS["password"];
if ( (strlen(@$login) == 0) or (strlen(@$password) == 0) ){
echo "<form method=\"POST\" action=\"$PHP_SELF?$QUERY_STRING\">
<h2>Login Here</h2> </p>
<table cellspacing = 2 cellpadding = 2 align = left width = 80%>
<tr>
<td> </td>
<Td colspan = 2>
You have requested access to a restricted area. Before continuing, you must
authenticate yourself to the system by entering a user ID and password.
</TD></tr>
<tr>
<td> </td>
<Td width = 20%>
<p>User ID: </td><Td><input type=\"text\" name=\"login\" size=\"20\"></td></tr>
<tr>
<td> </td>
<Td>
Password: </td><Td><input type=\"password\" name=\"password\" size=\"20\"></td></tr>
<tr>
<td> </td>
<Td colspan = 2 align = center>
<p><input type=\"submit\" value=\"Login\" name=\"B1\"> </p></form>
</td></tr>
</table>
";
exit;
} else {
$sql = "SELECT id, name FROM mainadmin where login = '$login' and password = password('$password')";
$rs = mysql_query($sql);
$row = mysql_fetch_array($rs);
if (mysql_num_rows($rs) == 0) {
echo "<font face=arial><small>Sorry but the Password you have typed is Incorrect.<br>
For Further information you can contact our administrator at
<a href=\"mailto:info@cqi.com\">Information Department</a>
<br>Thank you</font></small>";
mysql_close($mydb_cn);
exit();
} else {
//ses_login
session_register("sesMemberId");
$HTTP_SESSION_VARS["sesMemberId"] = $row["id"];
$sesMemberId = $row["id"];
session_register("sesMemberName");
$HTTP_SESSION_VARS["sesMemberName"] = $row["name"];
$sesMemberName = $row["name"];
}
mysql_free_result($rs);
}
}
?>
Thanks for looking
Ed
I had a guy overseas code this for me and he didn't remove the login function. Can some one look at this and advise how I can get rid of the login part of this. For some reason he has fallen off the face of the earth and I can't get ahold of him. When I asked him to remove it he told me to add this line to the bottom of the dsn.php script. <link rel=\"STYLESHEET\" type=\"text/css\" href=\"../css.css?\">
I entered it but I get a parse error. Here's the dsn and the verify scripts that he sent me. All of the scripts seem to work fine otherwise.
dsn.php
<?php
$mydb_cn = @mysql_connect ('localhost', 'root', ''); //Set your password here
$sitePath = "/"; // Set your site path, if it is hosted then it will be only "/"
$rootPath = "/var/ //Set full path of your server
if (!$mydb_cn) {
echo ("<p> Database unavailable....</p>");
exit();
}
if (! @mysql_select_db ("cqi", $mydb_cn) ){
echo ("<p>Unable to connect to Database</p>");
mysql_close($mydb_cn);
exit();
}
include_once("$rootPath/getglobal.php");
?>
verify.php<?
session_start();
echo "
<link rel=\"STYLESHEET\" type=\"text/css\" href=\"../css.css?\">
";
include_once("dsn.php");
$sesMemberId = @$HTTP_SESSION_VARS["sesMemberId"];
global $QUERY_STRING, $PHP_SELF;
if (strlen(trim(@$HTTP_SESSION_VARS["sesMemberId"])) == 0) {
$login = @$HTTP_POST_VARS["login"];
$password = @$HTTP_POST_VARS["password"];
if ( (strlen(@$login) == 0) or (strlen(@$password) == 0) ){
echo "<form method=\"POST\" action=\"$PHP_SELF?$QUERY_STRING\">
<h2>Login Here</h2> </p>
<table cellspacing = 2 cellpadding = 2 align = left width = 80%>
<tr>
<td> </td>
<Td colspan = 2>
You have requested access to a restricted area. Before continuing, you must
authenticate yourself to the system by entering a user ID and password.
</TD></tr>
<tr>
<td> </td>
<Td width = 20%>
<p>User ID: </td><Td><input type=\"text\" name=\"login\" size=\"20\"></td></tr>
<tr>
<td> </td>
<Td>
Password: </td><Td><input type=\"password\" name=\"password\" size=\"20\"></td></tr>
<tr>
<td> </td>
<Td colspan = 2 align = center>
<p><input type=\"submit\" value=\"Login\" name=\"B1\"> </p></form>
</td></tr>
</table>
";
exit;
} else {
$sql = "SELECT id, name FROM mainadmin where login = '$login' and password = password('$password')";
$rs = mysql_query($sql);
$row = mysql_fetch_array($rs);
if (mysql_num_rows($rs) == 0) {
echo "<font face=arial><small>Sorry but the Password you have typed is Incorrect.<br>
For Further information you can contact our administrator at
<a href=\"mailto:info@cqi.com\">Information Department</a>
<br>Thank you</font></small>";
mysql_close($mydb_cn);
exit();
} else {
//ses_login
session_register("sesMemberId");
$HTTP_SESSION_VARS["sesMemberId"] = $row["id"];
$sesMemberId = $row["id"];
session_register("sesMemberName");
$HTTP_SESSION_VARS["sesMemberName"] = $row["name"];
$sesMemberName = $row["name"];
}
mysql_free_result($rs);
}
}
?>
Thanks for looking
Ed