Pesquisar na Comunidade
Mostrando resultados para as tags ''pagina de login''.
Encontrado 2 registros
-
Gente primeiramente boa tarde a todos , bem não sou um expert em php , nem muito bom, venho até o scriptbrasil pedir uma ajuda aos amigos. Vamos lá baixei um script de login para testar no meu site, upei ele criei o banco de dados tudo certo, porem quando vou logar na conta que registro da LOGIN INVALIDO colocarei abaixo a source de tudo que coloquei la desde já agradeço mesmo. o index.php ficou assim : <?php include 'dbc.php'; $err = array(); foreach($_GET as $key => $value) { $get[$key] = filter($value); } if ($_POST['doLogin']=='Login') { foreach($_POST as $key => $value) { $data[$key] = filter($value); } $user_email = $data['usr_email']; $pass = $data['pwd']; if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level`,`date`,`data_expira` FROM users WHERE $user_cond AND `banned` = '0'") or die (mysql_error()); $num = mysql_num_rows($result); if ( $num > 0 ) { list($id,$pwd,$full_name,$approved,$user_level,$data_sqlret,$date_expira) = mysql_fetch_row($result); $data = date('Y-m-d'); if ($date_expira < $data){ echo "<script>alert('VENCIDO')</script>"; mysql_query("UPDATE users SET approved = '0' WHERE full_name='$full_name'"); $err[] = "Venceu"; } if(!$approved) { $err[] = "Conta não Ativada"; } if ($pwd === PwdHash($pass,substr($pwd,0,9))) { if(empty($err)){ session_start(); session_regenerate_id (true); $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; $_SESSION['user_level'] = $user_level; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); $stamp = time(); $ckey = GenKey(); mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error()); if(isset($_POST['remember'])){ setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/"); } header("Location: painel.php"); } } else { $err[] = "Login Invalido"; } } else { $err[] = "não Existe Login"; } } ?> <html> <head> <meta http-equiv="Content-Type" content="text/xhtml; charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content="TECHNOLOGY CHECKER"> <meta name="keyword" content="PHP SCRIPT, CHECKER LOJAS, TESTADORES PRIV8, CHECKER CC, CONSULTAS"> <title>TECHNOLOGY CHECKER V3.0 - MADE IN BRAZIL PRIV8</title> <link href="assets/css/bootstrap.css" rel="stylesheet"> <link href="assets/font-awesome/css/font-awesome.css" rel="stylesheet" /> <link href="assets/css/style.css" rel="stylesheet"> <link href="assets/css/style-responsive.css" rel="stylesheet"> </head> <body> <div id="login-page"> <div class="container"> <form class="form-login" method="POST" action="index.php"> <h2 class="form-login-heading">ACESSO AO SISTEMA</h2> <div class="login-wrap"> <input name="usr_email" placeholder="Usuario" type="text" class="form-control" id="txtbox" placeholder="Usuario" autofocus> <br> <input name="pwd" type="password" placeholder="Senha" class="form-control" id="txtbox" placeholder="Senha"> <br> <center> <?php if(!empty($err)) { echo "<div class=\"msg\">"; foreach ($err as $e) { echo "$e <br>"; } echo "</div>"; } ?> </center> <br> <input name="doLogin" class="btn btn-theme btn-block" type="submit" id="doLogin3" value="Login"> <hr> <div class="registration"> Serviços Abaixo Disponiveis.<br/> <a class="" href="forgot.php"> Trocar Senha / Recuperar </a> </div> </div> <script src="http://static.tumblr.com/8l2gpxb/lcllulgcn/snowstorm.js"></script> <center> <p> <a href="http://achecker.ca/checker/index.php?uri=referer&gid=WCAG2-AA"><img src="http://achecker.ca/images/icon_W2_aa.jpg" alt="WCAG 2.0 (Level AA)" height="32" width="102" /></a></p><a href="http://www.siteblindado.com"><img src="http://s3-sa-east-1.amazonaws.com/selo.siteblindado.com/seals_aw/siteblindado.com/siteblindado.gif" alt="Website Security Test" border="0" /></a> </center> </form> </div> </div> <script src="assets/js/jquery.js"></script> <script src="assets/js/bootstrap.min.js"></script> <script type="text/javascript" src="assets/js/jquery.backstretch.min.js"></script> <script> $.backstretch("http://www.yogareal.com.au/wp-content/uploads/2014/11/Merry-Christmas-Wallpapers-2014-3.jpg", {speed: 500}); </script> <!-- Histats.com START (hidden counter)--> <script type="text/javascript">document.write(unescape("%3Cscript src=%27http://s10.histats.com/js15.js%27 type=%27text/javascript%27%3E%3C/script%3E"));</script> <a href="http://www.histats.com" target="_blank" title="web page hit counter" ><script type="text/javascript" > try {Histats.start(1,3110055,4,0,0,0,""); Histats.track_hits();} catch(err){}; </script></a> <noscript><a href="http://www.histats.com" target="_blank"><img src="http://sstatic1.histats.com/0.gif?3110055&101" alt="web page hit counter" border="0"></a></noscript> <!-- Histats.com END --> <EMBED SRC="https://www.vagalume.com.br/cancoes-de-natal/" AUTOSTART="TRUE" LOOP="TRUE" WIDTH="1" HEIGHT="1" ALIGN="CENTER"></EMBED> </body> </html> ==================================================================================================================================================== O register.php assim : <?php /*************** PHP LOGIN SCRIPT V 2.0********************* ***************** Auto Approve Version********************** (c) Balakrishnan 2009. All Rights Reserved Usage: This script can be used FREE of charge for any commercial or personal projects. Limitations: - This script cannot be sold. - This script may not be provided for download except on its original site. For further usage, please contact me. ***********************************************************/ include 'dbc.php'; $err = array(); if($_POST['doRegister'] == 'Register') { /******************* Filtering/Sanitizing Input ***************************** This code filters harmful script code and escapes data of all POST data from the user submitted form. *****************************************************************/ foreach($_POST as $key => $value) { $data[$key] = filter($value); } /************************ SERVER SIDE VALIDATION **************************************/ /********** This validation is useful if javascript is disabled in the browswer ***/ if(empty($data['full_name']) || strlen($data['full_name']) < 4) { $err[] = "ERRO - Nome inválido . Por favor, indique 3 ou mais caracteres para o seu nome"; //header("Location: register.php?msg=$err"); //exit(); } // Validate User Name if (!isUserID($data['user_name'])) { $err[] = "ERRO - nome de usuário inválido . Ele pode conter alfabeto, número e sublinhado."; //header("Location: register.php?msg=$err"); //exit(); } // Validate Email if(!isEmail($data['usr_email'])) { $err[] = "ERRO - E-mail inválido."; //header("Location: register.php?msg=$err"); //exit(); } // Check User Passwords if (!checkPwd($data['pwd'],$data['pwd2'])) { $err[] = "ERRO - senha ou incompatibilidade inválido . Digite 5 caracteres ou mais"; //header("Location: register.php?msg=$err"); //exit(); } $user_ip = $_SERVER['REMOTE_ADDR']; // stores sha1 of password $sha1pass = PwdHash($data['pwd']); // Automatically collects the hostname or domain like example.com) $host = $_SERVER['HTTP_HOST']; $host_upper = strtoupper($host); $path = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); // Generates activation code simple 4 digit number $activ_code = rand(1000,9999); $usr_email = $data['usr_email']; $user_name = $data['user_name']; /************ USER EMAIL CHECK ************************************ This code does a second check on the server side if the email already exists. It queries the database and if it has any existing email it throws user email already exists *******************************************************************/ $rs_duplicate = mysql_query("select count(*) as total from users where user_email='$usr_email' OR user_name='$user_name'") or die(mysql_error()); list($total) = mysql_fetch_row($rs_duplicate); if ($total > 0) { $err[] = "ERRO - O nome de usuário / e-mail já existe. Por favor, tente novamente com o nome de usuário e e-mail diferente ."; //header("Location: register.php?msg=$err"); //exit(); } /***************************************************************************/ if(empty($err)) { $sql_insert = "INSERT into `users` (`full_name`,`user_email`,`pwd`,`address`,`tel`,`fax`,`website`,`date`,`users_ip`,`activation_code`,`country`,`user_name` ) VALUES ('$data[full_name]','$usr_email','$sha1pass','$data[address]','$data[tel]','$data[fax]','$data[web]' ,now(),'$user_ip','$activ_code','$data[country]','$user_name' ) "; mysql_query($sql_insert,$link) or die("Insertion Failed:" . mysql_error()); $user_id = mysql_insert_id($link); $md5_id = md5($user_id); mysql_query("update users set md5_id='$md5_id' where id='$user_id'"); // echo "<h3>Thank You</h3> We received your submission."; if($user_registration) { $a_link = " *****ACTIVATION LINK*****\n http://$host$path/activate.php?user=$md5_id&activ_code=$activ_code "; } else { $a_link = "A sua conta é * PENDENTE DE APROVAÇÃO * e será ativado em breve o administrador. "; } $message = "Olá \n Obrigado por registrar conosco. Aqui estão os detalhes de login...\n User ID: $user_name Email: $usr_email \n Passwd: $data[pwd] \n $a_link Obrigado Administrator $host_upper ______________________________________________________ THIS IS AN AUTOMATED RESPONSE. ***DO NOT RESPOND TO THIS EMAIL**** "; mail($usr_email, "Detalhes Login", $message, "From: \"Member Registration\" <auto-reply@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); header("Location: thankyou.php"); exit(); } } ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml; charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content="TECHNOLOGY CHECKER"> <meta name="keyword" content="PHP SCRIPT, CHECKER LOJAS, TESTADORES PRIV8, CHECKER CC, CONSULTAS"> <title>TECHNOLOGY CHECKER V3.0 - MADE IN BRAZIL PRIV8</title> <link href="assets/css/bootstrap.css" rel="stylesheet"> <link href="assets/font-awesome/css/font-awesome.css" rel="stylesheet" /> <link href="assets/css/style.css" rel="stylesheet"> <link href="assets/css/style-responsive.css" rel="stylesheet"> </head> <script> $(document).ready(function(){ $.validator.addMethod("username", function(value, element) { return this.optional(element) || /^[a-z0-9\_]+$/i.test(value); }, "Username must contain only letters, numbers, or underscore."); $("#regForm").validate(); }); </script> </head> <body> <table width="100%" border="0" cellspacing="0" cellpadding="5" class="main"> <tr> <td colspan="3"> </td> </tr> <tr> <td width="160" valign="top"><p> </p> <p> </p> <p> </p> <p> </p> <p> </p></td> <td width="732" valign="top"><p> <?php if (isset($_GET['done'])) { ?> <h2>Obrigado!</h2><a href="login.php">login here</a>"; <?php exit(); } ?></p> <h3 class="titlehdr">CADASTRAMENTO DE LOGIN</h3> <p>O registro é rápido! Por favor, note que os campos marcados <span class="required">*</span> São necessarios.</p> <?php if(!empty($err)) { echo "<div class=\"msg\">"; foreach ($err as $e) { echo "* $e <br>"; } echo "</div>"; } ?> <div class="main"> <div class="login-form"> <h1>CADASTRAMENTO</h1> <form action="register.php" method="post" name="regForm" id="regForm" > <table width="100%" border="0" cellpadding="3" cellspacing="3" class="forms"> <tr> <td colspan="2">Nome<span class="required"><font color="#CC0000">*</font></span> <input name="full_name" type="text" id="full_name" size="40" class="required"></td> </tr> <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">Cep<span class="required"><font color="#CC0000">*</font></span> <input name="address" type="text" id="address" class="required"></td> </tr> <tr> <td>Pais <font color="#CC0000">*</font></span> <td> </br> <select name="country" class="required" id="select8"> <option value="" selected></option> <option value="Brasil">Brasil</option> </select></td> </br> </br> </br> </tr> </br> <tr> <td>Telefone<span class="required"><font color="#CC0000">*</font></span> </td> <td><input name="tel" type="text" id="tel" class="required"></td> </tr> <tr> <td>Fax </td> <td><input name="fax" type="text" id="fax"> </td> </tr> <tr> <td>Site </td> <td><input name="web" type="text" id="web" class="optional defaultInvalid url"> <span class="example">http://www.example.com</span></td> </tr> <tr> <td>Login<span class="required"><font color="#CC0000">*</font></span></td> <td><input name="user_name" type="text" id="user_name" class="required username" minlength="5" > <input name="btnAvailable" type="button" id="btnAvailable" onclick='$("#checkid").html("Please wait..."); $.get("checkuser.php",{ cmd: "check", user: $("#user_name").val() } ,function(data){ $("#checkid").html(data); });' value="Check Availability"> <span style="color:red; font: bold 12px verdana; " id="checkid" ></span> </td> </tr> <tr> <td>Email<span class="required"><font color="#CC0000">*</font></span> </td> <td><input name="usr_email" type="text" id="usr_email3" class="required email"> </tr> <tr> <td>Senha<span class="required"><font color="#CC0000">*</font></span> </td> <td><input name="pwd" type="password" class="required password" minlength="5" id="pwd"> </tr> <tr> <td>Confirme Senha<span class="required"><font color="#CC0000">*</font></span> </td> <td><input name="pwd2" id="pwd2" class="required password" type="password" minlength="5" equalto="#pwd"></td> </tr> <tr> <td colspan="2"> </td> </tr> </table> <p align="center"> <input name="doRegister" type="submit" id="doRegister" value="Register"> </p> </form> </td> </table> </body> </html> ================================================================================================================= o dbc.php ficou assim : <?php /*************** PHP LOGIN SCRIPT V 2.3********************* (c) Balakrishnan 2010. All Rights Reserved Usage: This script can be used FREE of charge for any commercial or personal projects. Enjoy! Limitations: - This script cannot be sold. - This script should have copyright notice intact. Dont remove it please... - This script may not be provided for download except from its original site. For further usage, please contact me. /******************** MAIN SETTINGS - PHP LOGIN SCRIPT V2.1 ********************** Please complete wherever marked xxxxxxxxx /************* MYSQL DATABASE SETTINGS ***************** 1. Specify Database name in $dbname 2. MySQL host (localhost or remotehost) 3. MySQL user name with ALL previleges assigned. 4. MySQL password Note: If you use cpanel, the name will be like account_database *************************************************************/ define ("DB_HOST", "--------dados sigilosos----------"); // set database host define ("DB_USER", "----------dados sigilosos------------"); // set database user define ("DB_PASS","------------dados sigilosos------------"); // set database password define ("DB_NAME","----------dados sigilosos----------"); // set database name $link = @mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("SERVIDOR EM MANUTENCAO! VOLTAMOS EM BREVE..."); $db = mysql_select_db(DB_NAME, $link) or die("Couldn't select database"); /* Registration Type (Automatic or Manual) 1 -> Automatic Registration (Users will receive activation code and they will be automatically approved after clicking activation link) 0 -> Manual Approval (Users will not receive activation code and you will need to approve every user manually) */ $user_registration = 1; // set 0 or 1 define("COOKIE_TIME_OUT", 10); //specify cookie timeout in days (default is 10 days) define('SALT_LENGTH', 9); // salt for password //define ("ADMIN_NAME", "admin"); // sp /* Specify user levels */ define ("ADMIN_LEVEL", 5); define ("USER_LEVEL", 1); define ("GUEST_LEVEL", 0); /*************** reCAPTCHA KEYS****************/ $publickey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; $privatekey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; /**** PAGE PROTECT CODE ******************************** This code protects pages to only logged in users. If users have not logged in then it will redirect to login page. If you want to add a new page and want to login protect, COPY this from this to END marker. Remember this code must be placed on very top of any html or php page. ********************************************************/ function page_protect() { session_start(); global $db; /* Secure against Session Hijacking by checking user agent */ if (isset($_SESSION['HTTP_USER_AGENT'])) { if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) { logout(); exit; } } // before we allow sessions, we need to check authentication key - ckey and ctime stored in database /* If session not set, check for cookies set by Remember me */ if (!isset($_SESSION['user_id']) && !isset($_SESSION['user_name']) ) { if(isset($_COOKIE['user_id']) && isset($_COOKIE['user_key'])){ /* we double check cookie expiry time against stored in database */ $cookie_user_id = filter($_COOKIE['user_id']); $rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='$cookie_user_id'") or die(mysql_error()); list($ckey,$ctime) = mysql_fetch_row($rs_ctime); // coookie expiry if( (time() - $ctime) > 60*60*24*COOKIE_TIME_OUT) { logout(); } /* Security check with untrusted cookies - dont trust value stored in cookie. /* We also do authentication check of the `ckey` stored in cookie matches that stored in database during login*/ if( !empty($ckey) && is_numeric($_COOKIE['user_id']) && isUserID($_COOKIE['user_name']) && $_COOKIE['user_key'] == sha1($ckey) ) { session_regenerate_id(); //against session fixation attacks. $_SESSION['user_id'] = $_COOKIE['user_id']; $_SESSION['user_name'] = $_COOKIE['user_name']; /* query user level from database instead of storing in cookies */ list($user_level) = mysql_fetch_row(mysql_query("select user_level from users where id='$_SESSION[user_id]'")); $_SESSION['user_level'] = $user_level; $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']); } else { logout(); } } else { header("Location: index.php"); exit(); } } } function filter($data) { @$data = trim(htmlentities(strip_tags($data))); if (get_magic_quotes_gpc()) $data = stripslashes($data); $data = mysql_real_escape_string($data); return $data; } function EncodeURL($url) { $new = strtolower(ereg_replace(' ','_',$url)); return($new); } function DecodeURL($url) { $new = ucwords(ereg_replace('_',' ',$url)); return($new); } function ChopStr($str, $len) { if (strlen($str) < $len) return $str; $str = substr($str,0,$len); if ($spc_pos = strrpos($str," ")) $str = substr($str,0,$spc_pos); return $str . "..."; } function isEmail($email){ return preg_match('/^\S+@[\w\d.-]{2,}\.[\w]{2,6}$/iU', $email) ? TRUE : FALSE; } function isUserID($username) { if (preg_match('/^[a-z\d_]{5,20}$/i', $username)) { return true; } else { return false; } } function isURL($url) { if (preg_match('/^(http|https|ftp):\/\/([A-Z0-9][A-Z0-9_-]*(?:\.[A-Z0-9][A-Z0-9_-]*)+):?(\d+)?\/?/i', $url)) { return true; } else { return false; } } function checkPwd($x,$y) { if(empty($x) || empty($y) ) { return false; } if (strlen($x) < 4 || strlen($y) < 4) { return false; } if (strcmp($x,$y) != 0) { return false; } return true; } function GenPwd($length = 7) { $password = ""; $possible = "0123456789bcdfghjkmnpqrstvwxyz"; //no vowels $i = 0; while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); if (!strstr($password, $char)) { $password .= $char; $i++; } } return $password; } function GenKey($length = 7) { $password = ""; $possible = "0123456789abcdefghijkmnopqrstuvwxyz"; $i = 0; while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); if (!strstr($password, $char)) { $password .= $char; $i++; } } return $password; } function logout() { global $db; session_start(); $sess_user_id = strip_tags(mysql_real_escape_string($_SESSION['user_id'])); $cook_user_id = strip_tags(mysql_real_escape_string($_COOKIE['user_id'])); if(isset($sess_user_id) || isset($cook_user_id)) { mysql_query("update `users` set `ckey`= '', `ctime`= '' where `id`='$sess_user_id' OR `id` = '$cook_user_id'") or die(mysql_error()); } /************ Delete the sessions****************/ unset($_SESSION['user_id']); unset($_SESSION['user_name']); unset($_SESSION['user_level']); unset($_SESSION['HTTP_USER_AGENT']); session_unset(); session_destroy(); /* Delete the cookies*******************/ setcookie("user_id", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_name", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); setcookie("user_key", '', time()-60*60*24*COOKIE_TIME_OUT, "/"); header("Location: index.php"); } // Password and salt generation function PwdHash($pwd, $salt = null) { if ($salt === null) { $salt = substr(md5(uniqid(rand(), true)), 0, SALT_LENGTH); } else { $salt = substr($salt, 0, SALT_LENGTH); } return $salt . sha1($pwd . $salt); } function checkAdmin() { if($_SESSION['user_level'] == ADMIN_LEVEL) { return 1; } else { return 0 ; } } ?> ============================================================================================ site de teste : http://gambiarraman.890m.com/ como podem ver no próprio site de teste , conseguimos registrar eu entro na db coloco atvo no login, porem quando vai logar diz login invalido , por favor quem puder ajudar. Desde já agradeço Atenção.
- 3 respostas
-
- ajuda
- pagina de login
- (e %d mais)
-
Olá pessoal. Bom, sou iniciante e costumo pegar scripts prontos e fazer algumas modificações para ter o resultado que desejo, no script abaixo eu consegui deixar tudo como eu queria, mas não estou conseguindo ir para a área de administração, simplesmente não sai da pagina de login, já tentei de tudo sem sucesso (tudo que conheço), gostei muito do resultado final e realmente gostaria de usar esse script. se puderem me ajudar a resolver esse problema ficarei muito grato. Meu servidor está com php 4 pasta admin arquivo index.php <? $requiredUserLevel = array(0,1,2); $cfgProgDir = 'phpSecurePages/'; include($cfgProgDir . "secure.php"); setcookie("login", $_POST[entered_login]); setcookie("pass", $_POST[entered_password]); //include("path.php"); include("../config.php"); $cidade = 1;?> <table width="800" border="0" align="center" cellpadding="0" cellspacing="0" class="text"> <tr> <td width="776" height="92" background="../images/layout/topo-bg.jpg"><table width="800" height="90" border="0" cellpadding="0" cellspacing="0"> <tr> <td width="300" background="../images/layout/logo_admin.png"> </td> <td width="237" align="right"> </td> <td width="263" align="right"> </td> </tr> </table></td> </tr> </table> <table width="800" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#262626"> <tr> <td height="16"><p><font color="#FFFFFF"> <? $sql = mysql_query("SELECT * FROM phpsp_users where user='$login'"); $dados = mysql_fetch_array($sql); $usernivel = "$dados[userlevel]"; $idfranquia = "$dados[id_franquia]"; $idusuarios = "$dados[primary_key]"; //echo $idfranquia; ?> Olá <b><? echo $dados[nome];?></b> (<? $sql2=mysql_query("SELECT * FROM franquias WHERE id='$dados[id_franquia]'"); $dados2=mysql_fetch_array($sql2); echo $dados2[cidade]; ?>), seja bem vindo! <td align="right"><a href="logout.php"><font color="#FFFFFF">Sair</font> </a> </td> </tr> </table> <table width="800" border="0" align="center" cellpadding="0" cellspacing="0" background="../images/layout/tb_admin_fundo.gif"> <tr> <td><table width="800" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="200" align="left" valign="top" bgcolor="#FFFFFF"><? include("menu.php");?></td> <td align="center" valign="top" bgcolor="#666666"><? include("query_string.php");?> </td> </tr> </table></td> </tr> </table> <table width="800" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="789" height="24" align="center" bgcolor="#262626" class="branco"><font color="#CCCCCC">FSOL WEB ® 2012 - Todos os Direitos Reservados</font></td> </tr> </table> arquivo config.php <? // conexão com o banco $server = "localhost"; $user = "MY USER"; $senha = "MY SENHA"; $banco = "MY BANCO"; $conexao = mysql_connect("$server", "$user", "$senha"); $db = mysql_select_db("$banco"); // termina conexão com o banco $pasta = "galeria"; $sql = mysql_query("SELECT * FROM config WHERE id='1'"); while ($linha = mysql_fetch_array($sql)) { $tsite = $linha[tsite]; // nome do site $usite = $linha[usite]; // url do site, ex: http://www.seusite.com.br/galeria/ $fonte = $linha[fonte]; // fonte do site $tfonte = $linha[tfonte]; // tamanho da fonte usada $tfonte2 = $linha[tfonte2]; // tamanho da fonte usada $ttitulo = $linha[ttitulo]; // tamanho dos titulos do site $ttitulo2 = $linha[ttitulo2]; // tamanho dos titulos do site $coronmouse = $linha[coronmouse]; // cor quando passar o mouse em cima dos links #999999 $cortexto = $linha[cortexto]; // cor do texto $corcelula1 = $linha[corcelula1]; // cor dacelula 1 $corcelula2 = $linha[corcelula2]; // cor da celula 2 $corfundosite = $linha[corfundosite]; // cor de fundo do site $qts_thumbs = $linha[qts_thumbs]; // Total de fotos q será exibido do lado esquerdo $qts_colunas = $linha[qts_colunas]; // total de colunas q será exibido $qts_ultimos = $linha[qts_ultimos]; // total de eventos q ficarão nas ultimas coberturas $img_fundo = $linha[img_fundo]; $loginho = $linha[loginho]; $telefone = "11 - 2233-4455"; $meuemail = "cbourbon@hotmail.com"; $corporyth = "© 2012 - www.weberadiososite"; } ?> <head> <SCRIPT language="JavaScript1.2"> var URLSite = window.location.href; var TituloSite = document.title; function addfav(){ if (document.all) window.external.AddFavorite(URLSite,TituloSite); } </SCRIPT> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title><? echo $tsite?></title> <style type="text/css"> body { background-image: url(images/bg.jpg); background-position: top; margin-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; font-family: <?=$fonte?>; font-size: <?=$tfonte?>; color: <?=$cortexto?>; } body,td,th { margin-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; font-family: <?=$fonte?>; font-size: <?=$tfonte?>; color: <?=$cortexto?>; } .branco {color: #FFFFFF} .pequeno { font-size: 8px; color: #999999; } .titulos { font-size: <?=$tfonte?>; color: <?=$coronmouse?>; } a:link, a:active, a:visited { color: <?=$cortexto?>; text-decoration: none; } a:hover { color: <?=$coronmouse?>; text-decoration: underline; } .input { height: 20; width: 145; border: 1px solid #333333; font-family: <?=$fonte?>; font-size: <?=$tfonte?>; color: #000000; } </style> </HEAD> <body> <script src="<? echo $usite?>janelas_popup.js" language="JavaScript"></script> ARQUIVO SECURE.PHP <? $cfgIndexpage = 'index.php'; // page to go to, if login is cancelled // Example: if your main page is http://www.mydomain.com/index.php // the value would be $cfgIndexpage = '/index.php' $admEmail = 'cbourbon@hotmail.com'; // E-mail adres of the site administrator // (This is being showed to the users on an error, so you can be notified by the users) $noDetailedMessages = true; // Show detailed error messages (false) or give one single message for all errors (true). // If set to 'false', the error messages shown to the user describe what went wrong. // This is more user-friendly, but less secure, because it could allow someone to probe // the system for existing users. $passwordEncryptedWithMD5 = false; // Set this to true if the passwords are encrypted // with the MD5 algorithm // (not yet implanted, expect this in a next release) $languageFile = 'brazil.php'; // Choose the language file $bgImage = 'bg_lock.gif'; // Choose the background image $bgRotate = false; // Rotate the background image from list // (This overrides the $bgImage setting) /****** Lists ******/ // List of backgrounds to rotate through $backgrounds[] = 'bg_lock.gif'; $backgrounds[] = 'bg_lock2.gif'; $backgrounds[] = 'bg_gun.gif'; /****** Database ******/ $useDatabase = true; // choose between using a database or data as input /* this data is necessary if a database is used */ if ($HTTP_SERVER_VARS["REMOTE_ADDR"] != "127.0.0.1"){ $cfgServerHost = 'localhost'; // MySQL hostname $cfgServerPort = ''; // MySQL port - leave blank for default port $cfgServerUser = 'MY USER'; // MySQL user $cfgServerPassword = 'MY SENHA'; // MySQL password $cfgDbDatabase = 'MY BANCO'; // MySQL database name containing phpSecurePages table } else { $cfgServerHost = 'localhost'; // MySQL hostname $cfgServerPort = ''; // MySQL port - leave blank for default port $cfgServerUser = 'MY USER'; // MySQL user $cfgServerPassword = 'MY SENHA'; // MySQL password $cfgDbDatabase = 'MY BANCO'; // MySQL database name containing phpSecurePages table } $cfgDbTableUsers = 'phpsp_users'; // MySQL table name containing phpSecurePages user fields $cfgDbLoginfield = 'user'; // MySQL field name containing login word $cfgDbPasswordfield = 'password'; // MySQL field name containing password $cfgDbUserLevelfield = 'userlevel'; // MySQL field name containing user level // Choose a number which represents the category of this users authorization level. // Leave empty if authorization levels are not used. // See readme.txt for more info. $cfgDbUserIDfield = 'primary_key'; // MySQL field name containing user identification // enter a distinct ID if you want to be able to identify the current user // Leave empty if no ID is necessary. // See readme.txt for more info. /****** Database - PHP3 ******/ /* information below is only necessary for servers with PHP3 */ $cfgDbTableSessions = 'phpsp_sessions'; // MySQL table name containing phpSecurePages sessions fields $cfgDbTableSessionVars = 'phpsp_sessionvars'; // MySQL table name containing phpSecurePages session variables fields /****** Data ******/ $useData = false; // choose between using a database or data as input /* this data is necessary if no database is used */ $cfgLogin[1] = 'root'; // login word $cfgPassword[1] = 'root'; // password $cfgUserLevel[1] = '1'; // user level // Choose a number which represents the category of this users authorization level. // Leave empty if authorization levels are not used. // See readme.txt for more info. $cfgUserID[1] = ''; // user identification // enter a distinct ID if you want to be able to identify the current user // Leave empty if no ID is necessary. // See readme.txt for more info. $cfgLogin[2] = ''; $cfgPassword[2] = ''; $cfgUserLevel[2] = ''; $cfgUserID[2] = ''; $cfgLogin[3] = ''; $cfgPassword[3] = ''; $cfgUserLevel[3] = ''; $cfgUserID[3] = ''; /**************************************************************/ /* End of phpSecurePages Configuration */ /**************************************************************/ // https support if (getenv("HTTPS") == 'on') { $cfgUrl = 'https://'; } else { $cfgUrl = 'http://'; } // getting other login variables $cfgHtmlDir = $cfgProgDir; if ($message) $messageOld = $message; $message = false; // Create a constant that can be checked inside the files to be included. // This gives an indication if secure.php has been loaded correctly. define("LOADED_PROPERLY", true); // include functions and variables function admEmail() { // create administrators email link global $admEmail; return("<A HREF='mailto:$admEmail'>$admEmail</A>"); } include($cfgProgDir . "lng/" . $languageFile); include($cfgProgDir . "session.php"); // choose between login or logout if ($logout && !($HTTP_GET_VARS["logout"] || $HTTP_POST_VARS["logout"])) { // logout include($cfgProgDir . "logout.php"); } else { // loading login check include($cfgProgDir . "checklogin.php"); } echo $HTTP_GET_VARS["logout"]; ?>