-
Notifications
You must be signed in to change notification settings - Fork 48
/
login.php
97 lines (93 loc) · 3.81 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<?php include('header.php'); ?>
<?php if ( !isset($_SESSION) ) session_start(); ?>
<?php error_reporting(E_ALL);
ini_set('display_errors', 1); ?>
<div class="container">
<header>
<h1 style="text-align:center;">Easy Hotspot</h1>
<h2 style="text-align:center;">Simple HotSpot User Management Utility</h2>
<h3 style="text-align:center;">By TEAM ZETOZONE</h3>
</header>
<div class="row">
<div class="col-sm-6 col-sm-offset-3 well" style="box-shadow: 10px 10px 5px #888888;">
<div class="panel panel-primary">
<div class="panel panel-heading">
<p><strong>Login using Registered Credentials</strong></p>
</div>
<div class="panel-body">
<form class="form-horizontal" id="loginform" action="" method="POST">
<div class="form-group form-group-sm">
<label class="col-sm-2 control-label" for="txt_user_name">Username</label>
<div class="col-sm-8">
<input type="text" id="txt_user_name" name="username" placeholder="Registered Username" required class="form-control" autofocus>
</div>
</div>
<div class="form-group form-group-sm">
<label class="col-sm-2 control-label" for="txt_password">Password</label>
<div class="col-sm-8">
<input type="password" id="password" name="password" placeholder="Password" placeholder="Password" required class="form-control">
</div>
</div>
<div class="form-group form-group-sm">
<div class="col-sm-2 col-sm-offset-4">
<button id="btn_login" name="btn_login" type="submit" class="btn btn-primary"> Submit</button>
</div>
<div class="col-sm-2">
<button id="btn_cancel" name="btn_cancel" type="reset" class="btn btn-success"> Cancel</button>
</div>
</div>
</form>
<?php
if (isset($_POST['btn_login'])){
$username = $_POST['username'];
$password = $_POST['password'];
$password= sha1($password);
include('dbconfig.php');
try {
$stmt = $DB_con->prepare("SELECT user_id FROM hotspot_users WHERE 1");
$stmt->execute(array());
}
catch(PDOException $e) {
try {
include('database.php');
$stmt = $DB_con->prepare("SELECT user_id FROM hotspot_users WHERE 1");
$stmt->execute(array());
}
catch(PDOException $e) {
echo "Error Accessing Data: " . $e->getMessage();
}
}
$count = $stmt->rowCount();
if( $count == 0 ) {
$password = sha1('admin');
$stmt = $DB_con->prepare("insert into hotspot_users (date_added, firstname, username, password, user_level, status, user_group, created_at)
values(CURDATE(), 'Administrator', :username, :password, :level, 'Active', 1, NOW())");
$stmt->execute(array(':username' => 'admin', ':password' => $password, ':level' => 1));
}
try
{
$stmt = $DB_con->prepare("SELECT * FROM hotspot_users WHERE username=:username AND password =:password AND status =:status");
$stmt->execute(array(':username' => $username, ':password' => $password, ':status' => 'Active'));
$count = $stmt->rowCount();
}
catch(PDOException $e) {
echo "Error: " . $e->getMessage();
}
if( $count == 1 ) {
$row=$stmt->fetch(PDO::FETCH_ASSOC);
$_SESSION['id']=$row['user_id'];
$_SESSION['username']=$row['firstname'].' '.$row['lastname'];
$_SESSION['user_level']= $row['user_level'];
echo '<script language="javascript">window.location.href ="index.php";</script>';
}
else
{
echo '<script>cmodal("Access Denied!", "No Active User account with the given Username/Password Combination!", "error", "index.php")</script>';
}
}
?>
</div>
</div>
</div>
</div>
</div>