Czemu to loguje kazde go z kazdym haslem a nawet bez podania loginu i hasla Od razu jestes zalogowany ??
Plik Index.php :
<?
function gen_www()
{
$time = explode(" ", microtime());
$usec = (double)$time[0];
$sec = (double)$time[1];
return $sec + $usec;
}
$start = gen_www();
$zalogowany = $HTTP_COOKIE_VARS["zalogowany"];
$is_admin_true = $HTTP_COOKIE_VARS["is_admin_true"];
include "config.php";
mysql_connect ($host, $user, $pass);
mysql_select_db($db_n);
$HTTP_POST_VARS['log'];
$HTTP_POST_VARS['login_pas'];
$HTTP_GET_VARS['logout'];
if($logout==yes)
{
setcookie("zalogowany", $zalogowany, time()-3600);
setcookie("is_admin_true", $is_admin_true, time()-3600);
print "Zostales Wylogowany";
}
else
{
}
if($zalogowany === tak)
{
}
else
{
$wynik=mysql_query("select user_nick,user_pass,user_uprawnienia FROM phportal_users");
while ($rekord=mysql_fetch_array($wynik))
{
if($rekord[0]===$log && $rekord[1]===$login_pas)
$zalogowany = "tak";
setcookie("zalogowany", "tak", time()+3600);
if($rekord[2]===1)
{
$is_admin_true = "tak";
setcookie("is_admin_true", "tak", time()+3600);
}
else
{
$is_admin_true = "nie";
}
}
$zalogowany = "nie";
}
echo "<html>";
echo "<head>";
$pobieranie_sitename = mysql_query ("SELECT site_name FROM phportal_settings")
or die ("Bł±d MYSQL");
$line = mysql_fetch_array($pobieranie_sitename);
list($col_name, $Nazwa_strony) = each($line);
echo "<TITLE>$Nazwa_strony</TITLE>";
$pobieranie_theme = mysql_query ("SELECT site_theme FROM phportal_settings")
or die ("Bł±d MYSQL");
$line = mysql_fetch_array($pobieranie_theme);
list($col_name, $tapeta_theme) = each($line);
echo "</head>";
include "tapety/$tapeta_theme/theme.php";
echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'>";
echo "<tr>";
echo "<td width='100%' colspan='3'>";
include ("naglowek.php");
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td width='15%'>";
include("menu.php");
echo "</td>";
echo "<td width='70%'>";
$pobieranie_glownej = mysql_query ("SELECT site_deafault_module FROM phportal_settings")
or die ("Bł±d MYSQL");
$line = mysql_fetch_array($pobieranie_glownej);
list($col_name, $glowna_modol) = each($line);
if(!isset($mod)){
include("moduły/$glowna_modol/index.php");
}
else if($mod==admin){
include("moduły/admin/index.php");
} else if($mod==wyloguj){
else
echo "Taka strona nie istnieje :)";
echo "</td>";
echo "<td width='15%'>";
include("prawy_panel.php");
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td width='100%' colspan='3'>";
include("stopka.php");
echo "</td>";
echo "</tr>";
echo "</table>";
echo "</body>";
echo "</html>";
?>
Plik moduły/admin/index.php :
<?php
$zalogowany = $HTTP_COOKIE_VARS["zalogowany"];
$is_admin_true = $HTTP_COOKIE_VARS["is_admin_true"];
if($is_admin_true == tak)
{
echo "<table>";
echo "<tr>";
echo "<td><a href='index.php?mod=admin?page=preferences' title='Ustawienia Główne Portalu' onmousemove='window.status='Ustawienia Główne Portalu';; return true'></a></td>";
echo "<td></td>";
echo "<td></td>";
echo "<td></td>";
echo "<td></td>";
echo "</tr>";
echo "</table>";
}
else
{
echo "Niejestes zalopgowany jako admin !!!";
}
?>
Plik prawy_panel.php :
<?php
if($zalogowany == tak)
{
echo "<TABLE cellSpacing=0 cellPadding=0 border=0>";
echo "<TBODY>";
echo "<TR>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></TD>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=22></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "<tr>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_1.jpg'><IMG height=38 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "<td BGCOLOR='#000000'>";
echo "<B>Jestes zalogowany jako $log </B>";
if($is_admin_true = tak)
{
echo " z uprawnieniami administratora badz odpowiedzialny !!!";
echo "<A HREF='index.php?mod=wyloguj'>Wyloguj</A>";
}
else
{
echo "Niemasz uprawnien Administratora";
}
echo "</td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_1.jpg'><IMG height=38 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "<tr>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=22></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "</table>";
}
else
{
echo "<TABLE Align=Center cellSpacing=0 cellPadding=0 border=0>";
echo "<TBODY>";
echo "<TR>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></TD>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=22></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_up.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "<tr>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_1.jpg'><IMG height=38 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "<td BGCOLOR='#000000'>";
echo "<form method='POST' action='index.php'>";
echo "<table border=0>";
echo "<tr>";
echo "<td>login:</td>";
echo "</tr>";
echo "<tr>";
echo "<td><input type='text' name='log' size='20'></td>";
echo "</tr>";
echo "<tr>";
echo "<td>Hasło:</td>";
echo "</tr>";
echo "<tr>";
echo "<td><input type='password' name='login_pas' size='20'></td>";
echo "</tr>";
echo "<tr>";
echo "<td><input type='checkbox' name='save' value='CheckValue1'>Zapamiętaj</td>";
echo "</tr>";
echo "<input type='hidden' name='zaaloguj_mnie' value='zaloguj_mnie'>";
echo "<tr>";
echo "<td><input type='submit' value='Zaloguj' name='B1'></td>";
echo "</tr>";
echo "</table>";
echo "</form>";
echo "</td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_1.jpg'><IMG height=38 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "<tr>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/left_down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=22></td>";
echo "<TD background='tapety/$tapeta_theme/gify/shared/right_down.jpg'><IMG height=8 src='tapety/$tapeta_theme/gify/shared/empty.gif' width=8></td>";
echo "</tr>";
echo "</table>";
}
?>
POMOCY ! siedze juz 2 dzien i niewiem co jest nietak