php include conf php if isset _POST OK if _POST login_name _POST login

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
<?php
include("..\conf.php");
if(isset($_POST["OK"]))
{
if (!$_POST["login_name"] || !$_POST["login_pass"])
{
echo "<CENTER>login yoki parol kiritilmadi</CENTER>";
echo "<center><a href='admin.php'>ortga</a></center>";
exit;
}
if ($_POST["login_name"] == "admin")
{
$result = mysql_query("SELECT * FROM `administrator` WHERE `login`='{$_POST["login_name"]}'");
if (mysql_affected_rows() == 0)
{
echo "siz yozgan login bazada mavjud emas";
echo "<center><a href='admin.php'>ortga</a></center>";
exit;
}
list($id_admin, $login_adm, $login_psw)= mysql_fetch_row($result);
if ($login_psw != md5($_POST["login_pass"]))
{
echo "parol noto`g`ri";
exit;
}
$md_admenter=md5(1);
session_name("ARM");
session_start();
$logintime = time();
$sesid = $login.$logintime.$password;
session_register("sesid");
session_register("login");
session_register("password");
session_register("logintime");
header("Location: ../index.php?admenter=$md_admenter");
exit;
}
else
{
$result = mysql_query("SELECT `id`, `user_st`, `password_st` FROM `student`
WHERE `user_st`='{$_POST["login_name"]}'");
list($id_admin, $login_adm, $login_psw)= mysql_fetch_row($result);
if ($login_adm != $_POST["login_name"])
{
echo "Login noto`g`ri";
exit;
}
if ($login_psw != $_POST["login_pass"])
{
echo "parol noto`g`ri";
exit;
}
$md_admenter=md5(0);
session_name("ARM");
session_start();
$logintime = time();
$sesid = $login.$logintime.$password;
session_register("sesid");
session_register("login");
session_register("password");
session_register("logintime");
header("Location: ../index.php?admenter=$md_admenter");
exit;
}
}
?>
<html>
<head>
<title>Axborot resurs markazi</title>
<meta http-equiv="Content-Type" content="text/html;"/>
<style type="text/css">
@import url(css/admin_login.css);
</style>
<script language="javascript" type="text/javascript">
function setFocus() {
document.loginForm.usrname.select();
document.loginForm.usrname.focus();
}
</script>
</head>
<body onload="setFocus();">
<div id="wrapper">
<div id="header">
<div id="joomla"><img src="icons/header_text.png" alt="Joomla! Logo" /></div>
</div>
</div>
<div id="ctr" align="center">
<div class="login">
<div class="login-form">
<p>&nbsp;</p>
<form action="admin.php" method="post" name="loginForm" id="loginForm">
<div class="form-block">
<div class="inputlabel">Login</div>
<div><input name="login_name" type="text" class="inputbox" size="15" /></div>
<div class="inputlabel">Parol</div>
<div><input name="login_pass" type="password" class="inputbox" size="15" /></div>
<div align="left"><input type="submit" name="OK" class="button" value="Kirish" /></div>
</div>
</form>
</div>
<div class="login-text">
<div class="ctr"><img src="icons/security.png" width="64" height="64" alt="security" /></div>
<p align="center">Kutubxona tizimiga xush kelibsiz!</p>
<p align="center">Tizimga kirish uchun administrator maqomiga ega bo`lishingiz kerak!</p>
</div>
<div class="clr"></div>
</div>
</div>
<BR><BR>
<div class="footer" align="center">
<div align="center">
<b><?php echo $title ?></b>
</div>
</div>
</body>
</html>