Problema Panel

Robyx.exe · Sep 2, 2023

Nu stiu daca am voie sa postez aici, in fine.
Am o problema la un panel la login, in baza de date parolele sunt criptate dar in panel cand dai login iti spune ca parola e incorecta, din ce am inteles eu cu mintea mea de gaina e problema de la login.p.php unde codu nu citeste parolele criptate.

V-am lasat codul mai jos, mersi de ajutor.

Code:

&lt;?php if(Config::isLogged()) { ?&gt;
&lt;?php 
$_SESSION['HomeAlert'] = "&lt;script&gt;setTimeout(myFunction, 10);function myFunction() {swal('Succes','You are logged in!','error');}&lt;/script&gt;";
$_SESSION['AlertTime'] = time();
?&gt;
&lt;script&gt;window.location.href = '&lt;?php echo Config::$URL  ?&gt;';&lt;/script&gt;
&lt;?php die(); } ?&gt;

            
&lt;?php if(isset($_POST['login'])) {
    $username = Config::antiXSS($_POST['username']);
  $password = Config::antiXSS(md5($_POST['password']));
    $passwordno = Config::antiXSS($_POST['password']);
  date_default_timezone_set('Europe/Bucharest');
$timex = time();
    if(!$username || !$password) {
      echo General::alertView("danger","Complete all fields (name / password).");
    } else {
        $kenny = Config::$g_con-&gt;prepare('SELECT * FROM `users` WHERE `name` = ? AND `password` = ?');
        $kenny-&gt;execute(array($username,$passwordno));
        if($kenny-&gt;rowCount()) {
            $account = $kenny-&gt;fetch(PDO::FETCH_OBJ);

if ($checksuspend == 0) { 

unset($_SESSION['pin_session']); // REMOVE SESSION PIN 

$_SESSION['HomeAlert'] = "&lt;script&gt;setTimeout(myFunction, 10);function myFunction() {swal('Succes','You have successfully logged in.','error');}&lt;/script&gt;";
$_SESSION['AlertTime'] = time();
echo "&lt;script&gt;window.location.href = '".Config::$URL ."profile/".$account-&gt;name."';&lt;/script&gt;";

$_SESSION['login_session'] = $account-&gt;id; // ADD SESSION LOGIN

} else { 

if ($suspend-&gt;Permanent == 0) { 
if ($suspend-&gt;ExpireDate &lt; date('Y-m-d H-i', $timex)) {   

$_SESSION['HomeAlert'] = "&lt;script&gt;setTimeout(myFunction, 10);function myFunction() {swal('Error','Your suspend has expired, congrats!','error');}&lt;/script&gt;";
$_SESSION['AlertTime'] = time();
echo "&lt;script&gt;window.location.href = '".Config::$URL ."profile/".$data-&gt;name."';&lt;/script&gt;";

$_SESSION['login_session'] = $account-&gt;id; // ADD SESSION LOGIN

} else { 

$_SESSION['HomeAlert'] = Config::alertView("danger","You are suspended by ".$suspend-&gt;AdminName." for ".$suspend-&gt;Days." days. Reason: ".$suspend-&gt;Reason.". Expire at: ".$suspend-&gt;ExpireDate."!");
$_SESSION['AlertTime'] = time();
echo "&lt;script&gt;window.location.href = '&lt;?php echo Config::$URL  ?&gt;';&lt;/script&gt;";

}
}

$_SESSION['HomeAlert'] = "&lt;script&gt;setTimeout(myFunction, 10);function myFunction() {swal('Error','You are suspended by'.$suspend-&gt;AdminName.' permanently. Reason: '.$suspend-&gt;Reason.The user or password is incorrect','error');}&lt;/script&gt;";
$_SESSION['AlertTime'] = time();
echo "&lt;script&gt;window.location.href = '".Config::$URL ."profile/".$account-&gt;name."';&lt;/script&gt;";

}

}
/* - - - */ 

/* - - - */ 

        }
        
        echo "&lt;script&gt;setTimeout(myFunction, 10);function myFunction() {swal('Error','The user or password is incorrect','error')};&lt;/script&gt;";

    } 
    ?&gt;     
              &lt;div style="width: 60%; margin-left:24%;" class="row card has-shadow"&gt;
			&lt;div class="col-lg-12"&gt;
                    &lt;div class="card-body"&gt;
                      &lt;form method="POST"&gt;
                        &lt;div class="form-group"&gt;
                          &lt;label class="form-control-label"&gt;Username&lt;/label&gt;
                          &lt;input type="text" class="form-control" name="username" required&gt;
                        &lt;/div&gt;
                        &lt;div class="form-group"&gt;       
                          &lt;label class="form-control-label"&gt;Password&lt;/label&gt;
                          &lt;input type="password" class="form-control" name="password" required&gt;
                        &lt;/div&gt;
                        &lt;div class="form-group"&gt;       
                          &lt;input type="submit" value="Login" class="btn btn-primary btn-block" name="login"&gt;
                          &lt;br&gt;
                               &lt;p style="text-align:center;"&gt;Forgot your password? Click &lt;a href="&lt;?php echo Config::$URL ?&gt;recovery"&gt;here&lt;/a&gt;.&lt;/p&gt;
                        &lt;/div&gt;
                      &lt;/form&gt;
                    &lt;/div&gt;
                &lt;/div&gt;
              &lt;/div&gt;

ionut1337 · Nov 2, 2023

Robyx.exe said:
Nu stiu daca am voie sa postez aici, in fine.
Am o problema la un panel la login, in baza de date parolele sunt criptate dar in panel cand dai login iti spune ca parola e incorecta, din ce am inteles eu cu mintea mea de gaina e problema de la login.p.php unde codu nu citeste parolele criptate.

V-am lasat codul mai jos, mersi de ajutor.

<?php if(Config::isLogged()) { ?>
<?php
$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Succes','You are logged in!','error');}</script>";
$_SESSION['AlertTime'] = time();
?>
<script>window.location.href = '<?php echo Config::$URL ?>';</script>
<?php die(); } ?>

<?php if(isset($_POST['login'])) {
$username = Config::antiXSS($_POST['username']);
$password = Config::antiXSS(md5($_POST['password']));
$passwordno = Config::antiXSS($_POST['password']);
date_default_timezone_set('Europe/Bucharest');
$timex = time();
if(!$username || !$password) {
echo General::alertView("danger","Complete all fields (name / password).");
} else {
$kenny = Config::$g_con->prepare('SELECT * FROM `users` WHERE `name` = ? AND `password` = ?');
$kenny->execute(array($username,$passwordno));
if($kenny->rowCount()) {
$account = $kenny->fetch(PDO::FETCH_OBJ);

if ($checksuspend == 0) {

unset($_SESSION['pin_session']); // REMOVE SESSION PIN

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Succes','You have successfully logged in.','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$account->name."';</script>";

$_SESSION['login_session'] = $account->id; // ADD SESSION LOGIN

} else {

if ($suspend->Permanent == 0) {
if ($suspend->ExpireDate < date('Y-m-d H-i', $timex)) {

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','Your suspend has expired, congrats!','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$data->name."';</script>";

$_SESSION['login_session'] = $account->id; // ADD SESSION LOGIN

} else {

$_SESSION['HomeAlert'] = Config::alertView("danger","You are suspended by ".$suspend->AdminName." for ".$suspend->Days." days. Reason: ".$suspend->Reason.". Expire at: ".$suspend->ExpireDate."!");
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '<?php echo Config::$URL ?>';</script>";

}
}

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','You are suspended by'.$suspend->AdminName.' permanently. Reason: '.$suspend->Reason.The user or password is incorrect','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$account->name."';</script>";

}

}
/* - - - */

/* - - - */

}

echo "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','The user or password is incorrect','error')};</script>";

}
?>
<div style="width: 60%; margin-left:24%;" class="row card has-shadow">
<div class="col-lg-12">
<div class="card-body">
<form method="POST">
<div class="form-group">
<label class="form-control-label">Username</label>
<input type="text" class="form-control" name="username" required>
</div>
<div class="form-group">
<label class="form-control-label">Password</label>
<input type="password" class="form-control" name="password" required>
</div>
<div class="form-group">
<input type="submit" value="Login" class="btn btn-primary btn-block" name="login">
<br>
<p style="text-align:center;">Forgot your password? Click <a href="<?php echo Config::$URL ?>recovery">here</a>.</p>
</div>
</form>
</div>
</div>
</div>

salut, depinde ce criptare ai la parole la gamemode ul pe care il folosesti, daca folosesti cumva md5, inlocuieste codul tau pe care ni l-ai trimis, cu asta

```

<?php if(Config::isLogged()) { ?>
<?php
$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Succes','You are logged in!','error');}</script>";
$_SESSION['AlertTime'] = time();
?>
<script>window.location.href = '<?php echo Config::$URL ?>';</script>
<?php die(); } ?>


<?php if(isset($_POST['login'])) {
$username = Config::antiXSS($_POST['username']);
$password = Config::antiXSS(md5($_POST['password']));
$passwordno = Config::antiXSS($_POST['password']);
date_default_timezone_set('Europe/Bucharest');
$timex = time();
if(!$username || !$password) {
echo General::alertView("danger","Complete all fields (name / password).");
} else {
$kenny = Config::$g_con->prepare('SELECT * FROM `users` WHERE `name` = ? AND `password` = ?');
$kenny->execute(array($username,md5($passwordno));
if($kenny->rowCount()) {
$account = $kenny->fetch(PDO::FETCH_OBJ);

if ($checksuspend == 0) {

unset($_SESSION['pin_session']); // REMOVE SESSION PIN

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Succes','You have successfully logged in.','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$account->name."';</script>";

$_SESSION['login_session'] = $account->id; // ADD SESSION LOGIN

} else {

if ($suspend->Permanent == 0) {
if ($suspend->ExpireDate < date('Y-m-d H-i', $timex)) {

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','Your suspend has expired, congrats!','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$data->name."';</script>";

$_SESSION['login_session'] = $account->id; // ADD SESSION LOGIN

} else {

$_SESSION['HomeAlert'] = Config::alertView("danger","You are suspended by ".$suspend->AdminName." for ".$suspend->Days." days. Reason: ".$suspend->Reason.". Expire at: ".$suspend->ExpireDate."!");
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '<?php echo Config::$URL ?>';</script>";

}
}

$_SESSION['HomeAlert'] = "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','You are suspended by'.$suspend->AdminName.' permanently. Reason: '.$suspend->Reason.The user or password is incorrect','error');}</script>";
$_SESSION['AlertTime'] = time();
echo "<script>window.location.href = '".Config::$URL ."profile/".$account->name."';</script>";

}

}
/* - - - */

/* - - - */

}

echo "<script>setTimeout(myFunction, 10);function myFunction() {swal('Error','The user or password is incorrect','error')};</script>";

}
?>
<div style="width: 60%; margin-left:24%;" class="row card has-shadow">
           <div class="col-lg-12">
<div class="card-body">
<form method="POST">
<div class="form-group">
<label class="form-control-label">Username</label>
<input type="text" class="form-control" name="username" required>
</div>
<div class="form-group">
<label class="form-control-label">Password</label>
<input type="password" class="form-control" name="password" required>
</div>
<div class="form-group">
<input type="submit" value="Login" class="btn btn-primary btn-block" name="login">
<br>
<p style="text-align:center;">Forgot your password? Click <a href="<?php echo Config::$URL ?>recovery">here</a>.</p>
</div>
</form>
</div>
</div>
</div>

```

skillzy · Jan 27, 2024

Problema Panel

Robyx.exe

New member

ionut1337

Elite Member

skillzy

CEO