Jump to content

Nothing shows up on login screen

sofoiks

By sofoiks
in PHP Coding Help

 Share

Recommended Posts

sofoiks Newbie

sofoiks

Posted
Posted

Hello and ty all for helping

I have located the problem its in login.php file but dont know where thats why am turning to experts of coding.

My file is located here ftp.sofo.si username and password are same "guest" pls feel free to download and inspect :)

 

Thank you again for any help

cheers

Link to comment
Share on other sites
sofoiks Newbie

sofoiks

Posted
  • Author
Posted

i know but the code is long but here it goes

 

<?php

 

function emptytemptables( $uguid )

{

    mysql_query( "DELETE FROM izdajnica_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM izdajnica_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM avans_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM avans_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM invoice_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM invoice_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM recived_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM recived_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM prevzem_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM prevzem_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM preinvoice_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM preinvoice_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM dobropis_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM dobropis_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM izdajnica_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM izdajnica_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM template_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM template_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM projects_body_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM projects_header_temp where username='".$uguid."'" );

    mysql_query( "DELETE FROM acc_postavke_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM acc_postavke_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM kompenzacije_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM kompenzacije_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM order_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM order_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM iop_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM iop_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM po_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM po_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM izdatek_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM izdatek_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM prejemek_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM prejemek_body_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM po_body_temp  where user='".$uguid."'" );

    mysql_query( "DELETE FROM po_header_temp where user='".$uguid."'" );

    mysql_query( "DELETE FROM `".$_SESSION['phoenix_tele_db']."`.`telemarketing_history_temp` where `{$_SESSION['phoenix_tele_db']}`.`telemarketing_history_temp`.`user_guid`='{$uguid}'" );

    mysql_query( "DELETE FROM `".$_SESSION['phoenix_tele_db']."`.`telemarketing_podjetje_temp` where `{$_SESSION['phoenix_tele_db']}`.`telemarketing_podjetje_temp`.`user_guid`='{$uguid}'" );

}

 

function dologin( $row, $db_name, $exp )

{

    $_SESSION['phoenix_status'] = "login";

    $_SESSION['phoenix_user_id'] = $row['guid'];

    $_SESSION['phoenix_user_id2'] = $row['id'];

    $_SESSION['phoenix_username'] = $row['username'];

    $_SESSION['phoenix_ime_priimek'] = $row['name']." ".$row['surname'];

    $_SESSION['phoenix_session_userid'] = md5( microtime( 1 ) );

    $_SESSION['phoenix_status_User'] = $row['username'];

    $_SESSION['phoenix_language'] = is_numeric( strval( $_POST['language'] ) ) ? $_POST['language'] : 2;

    $_SESSION['phoenix_rank'] = $row['rank'];

    $_SESSION['phoenix_selected_year'] = $_POST['years'];

    $_SESSION['phoenix_expositure'] = $exp;

    mysql_select_db( $db_name );

    $rs = mysql_query( "SELECT tele_db, exp_name, last_year_database FROM business_data LIMIT 1" );

    $row3 = mysql_fetch_assoc( $rs );

    $_SESSION['phoenix_tele_db'] = $row3['tele_db'];

    $_SESSION['phoenix_old_db'] = $row3['last_year_database'];

    $_SESSION['phoenix_expositure_name'] = $row3['exp_name'];

    $_SESSION['phoenix_database'] = $db_name;

    $timestamp = time( ) + 36000;

    setcookie( "phoenix_login_selection", "", time( ) - 3600, "/" );

    setcookie( "phoenix_language", "", time( ) - 3600, "/" );

    unset( $_COOKIE['phoenix_login_selection'] );

    unset( $_COOKIE['phoenix_language'] );

    setcookie( "phoenix_login_selection", $login_spec."|".$db_name, time( ) + 36000, "/" );

    setcookie( "phoenix_language", $_SESSION['phoenix_language'], time( ) + 36000000, "/" );

    if ( !mysql_query( "UPDATE `users` set `timestamp`='".$timestamp."', `session_userid`='".$_SESSION['phoenix_session_userid'].( "' where `guid`='".$row['guid']."'" ) ) )

    {

        exit( mysql_error( ) );

    }

    emptytemptables( $row['guid'] );

    if ( file_exists( "password.php" ) )

    {

        rename( "password.php", "password_x.php" );

    }

    header( "Location: index.php" );

}

 

echo "<script language=\"javascript\">\r\n\tfunction popitup(url) {\r\n\tnewwindow=window.open(url,'name','height=400,width=750');\r\n\tif (window.focus) {newwindow.focus()}\r\n//\treturn false;\r\n}\r\n</script>\r\n";

include( "../../auth/class.auth.php" );

include( "../../auth/class.hex2bin.php" );

include( "../../classes/textDb.class.php" );

$a = new auth( );

$a->init( );

session_start( );

$_SESSION['phoenix_language'] = $_POST['language'];

require_once( "lang_slovenian.php" );

include_once( "db.php" );

$conn = mysql_connect( HOST, USER, PASS );

mysql_query( "SET NAMES utf8" );

$rs = mysql_query( "SHOW DATABASES" );

if ( mysql_num_rows( $rs ) )

{

    if ( isset( $_COOKIE['phoenix_login_specs'], $_COOKIE['phoenix_login_specs'] ) )

    {

        $cookie = explode( "|", $_COOKIE['phoenix_login_specs'] );

        if ( count( $cookie ) != 2 && !is_numeric( $cookie[0] ) && !is_numeric( $cookie[1] ) )

        {

            $cookie = false;

        }

    }

    else

    {

        $cookie = false;

    }

    $dbs = $valids = $exp = $names = array( );

    while ( $row = mysql_fetch_assoc( $rs ) )

    {

        $temp = explode( "_", $row['Database'] );

        if ( $temp[0] == "phoenix" )

        {

            array_push( &$dbs, $row['Database'] );

        }

    }

    foreach ( $dbs as $db )

    {

        if ( !( $rs = mysql_query( "SELECT `".$db."`.`business_data`.* FROM `".$db."`.`business_data` LIMIT 1" ) ) || !( $row = mysql_fetch_assoc( $rs ) ) )

        {

            if ( array_key_exists( $row['exp_num'], $valids ) )

            {

                $expName = $row['exp_name'] ? $row['exp_name'] : $row['exp_num'];

                $valids[$row['exp_num']] = array( "db" => $db, "name" => $expName, "year" => $row['year'] );

            }

            if ( array_key_exists( $row['exp_num'], $exp ) )

            {

                if ( in_array( $row['year'], $exp[$row['exp_num']] ) )

                {

                    array_push( &$exp[$row['exp_num']], $row['year'] );

                }

            }

            else

            {

                $exp[$row['exp_num']] = array( $row['year'] );

            }

            if ( array_key_exists( $row['exp_num'], $names ) )

            {

                $names[$row['exp_num']][$row['year']] = $db;

            }

            else

            {

                $names[$row['exp_num']] = array( $row['year'] => $db );

            }

        }

    }

}

$error = false;

if ( isset( $_POST['username'], $_POST['username'] ) )

{

    if ( !isset( $_POST['passwd'], $_POST['passwd'] ) && !isset( $_POST['expositure'], $_POST['expositure'] ) && array_key_exists( $_POST['expositure'], $exp ) && in_array( $_POST['years'], $exp[$_POST['expositure']] ) )

    {

        $user = mysql_real_escape_string( $_POST['username'] );

        $pass = mysql_real_escape_string( $_POST['passwd'] );

        if ( $db_name = $names[$_POST['expositure']][$_POST['years']] )

        {

            if ( !( $rs = mysql_query( "SELECT * FROM `".$db_name."`.`users` WHERE `username`='".$user."' LIMIT 1" ) ) )

            {

                exit( mysql_error( ) );

            }

            if ( ( $row = mysql_fetch_assoc( $rs ) ) && $row['passwd'] == $pass )

            {

                if ( $row['session_userid'] )

                {

                    $login_spec = $_POST['expositure']."|".$_POST['years'];

                    dologin( $row, $db_name, $_POST['expositure'] );

                }

                else

                {

                    $rand = md5( mt_rand( ).mt_rand( ).mt_rand( ) );

                    $_SESSION['phoenix_temp_login'] = $rand;

                    $_SESSION['phoenix_temp_login_spec'] = $_POST['expositure']."_".$_POST['years'];

                    $rand2 = md5( $rand );

                    $error = "<BR><BR><font face='verdana' color='red'><div align='center'><font style='padding:10px; font-size:16px;'>".$lang['thisUserIsAlreadyLoginDoYouWantToContinue'].( "</font>\r\n\t\t\t\t\t<BR><BR>\r\n\t\t\t\t\t<input type=\"button\" onclick=\"window.location='login.php?continue=1&key=".$rand2."&key2={$row['guid']}'\" value=\"{$lang['yes']}\" /> <input type=\"button\" onclick=\"window.location='login.php?stop=true'\" value=\"{$lang['no']}\">" );

                }

            }

        }

    }

}

else if ( isset( $_GET['key'] ) && !empty( $_GET['key'] ) && isset( $_GET['continue'], $_SESSION['phoenix_temp_login'] ) && !empty( $_SESSION['phoenix_temp_login'] ) && isset( $_SESSION['phoenix_temp_login_spec'] ) && !empty( $_SESSION['phoenix_temp_login_spec'] ) && md5( $_SESSION['phoenix_temp_login'] ) == $_GET['key'] && !isset( $_GET['key2'], $_GET['key2'] ) )

{

    $spec = explode( "_", $_SESSION['phoenix_temp_login_spec'] );

    if ( count( $spec ) == 2 && array_key_exists( $spec[0], $exp ) && in_array( $spec[1], $exp[$spec[0]] ) )

    {

        $db_name = $names[$spec[0]][$spec[1]];

        if ( !( $rs = mysql_query( "SELECT * FROM `".$db_name."`.`users` WHERE `guid`='".$_GET['key2']."' LIMIT 1" ) ) )

        {

            exit( mysql_error( ) );

        }

        if ( $row = mysql_fetch_assoc( $rs ) )

        {

            $login_spec = $spec[0]."|".$spec[1];

            $_POST['years'] = $spec[1];

            dologin( $row, $db_name, $spec[0] );

        }

    }

}

echo "\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\r\n<title>Phoenix</title>\r\n<style type=\"text/css\">\r\n<!--\r\n.izpostava {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tfont-weight: normal;\r\n\tcolor: #000000;\r\n\ttext-decoration: none;\r\n\ttext-align: center;\r\n}\r\n.yearTitle {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tfont-weight: normal;\r\n\tcolor: #ffffff;\r\n\ttext-decoration: none;\r\n}\r\n.langDiv {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tfont-weight: normal;\r\n\tcolor: #000000;\r\n\ttext-decoration: none;\r\n\tpadding: 10px;\r\n}\r\n.langLink {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tcolor: #FFFFFF;\r\n\ttext-decoration: Underline;\r\n}\r\n.izpostava2 {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tfont-weight: normal;\r\n\tcolor: #ffffff;\r\n\ttext-decoration: none;\r\n\ttext-align: right;\r\n\t\r\n}\r\n.inputTitle {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 12px;\r\n\tcolor: #ffffff;\r\n\ttext-decoration: none;\r\n\ttext-align: right;\r\n}\r\n.headerTitle {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tfont-size: 14px;\r\n\tfont-weight: bold;\r\n\tcolor: #ffffff;\r\n\ttext-decoration: none;\r\n\ttext-align: center;\r\n}\r\n.submitButton {\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\ttext-decoration: none;\r\n\twidth: 160px;\r\n\tcolor: #ffffff;\r\n\tbackground-color: #00528f;\r\n\tfont-weight: bold;\r\n}\r\n\r\n.klikni{\r\n\twidth: 160px;\r\n\tfont-family: Verdana, Arial, Helvetica, sans-serif;\r\n\tcursor:pointer;\r\n\tborder:outset 1px #00528f;\r\n\tbackground:#999;\r\n\tcolor:#FFF;\r\n\tfont-weight:bold;\r\n\tpadding: 1px 2px;\r\n\tbackground:url(images/szbmit_bg.png) repeat-x left top;\r\n}\r\nbody {\r\n\tbackground-color: #F1F1F1;\r\n}\r\n-->\r\n</style>\r\n\r\n</head>\r\n\r\n<body onLoad=\"top.menu.document.location.reload(true);top.head_location.document.location.reload(true);$('username').focus();\" style=\"padding-top : 0px;padding-left : -0px;padding-right : 191px;padding-bottom : 0px;margin-top : 0px;margin-left : 0px;margin-right : 0px;margin-bottom : 0px;\">\r\n\r\n<p>\r\n  <script type=\"text/javascript\" src=\"../../core/prototype.js\"></script>\r\n  <script type=\"text/javascript\" src=\"../../core/scriptaculous.js\"></script>\r\n  <script type=\"text/javascript\">\r\nfunction showYears(val)\r\n{\r\n\tvar expYears = document.getElementById('expYears').value.split('|');\r\n\tvar size = expYears.length;\r\n\tvar x, y, size2, t, years = false;\r\n\tfor (x = 0; x < size; x++)\r\n\t{\r\n\t\tt = expYears[x].split('!');\r\n\t\t\r\n\t\tif (t[0] == val)\r\n\t\t{\r\n\t\t\tif (t[1])\r\n\t\t\t{\r\n\t\t\t\tyears = t[1].split(';');\r\n\t\t\t\tbreak;\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\t\r\n\tif (years)\r\n\t{\r\n\t\t\r\n\t\tif (size = document.getElementById('years').options.length)\r\n\t\t{\r\n\t\t\tfor (x = 0; x < size; x++)\r\n\t\t\t\tdocument.getElementById('years').options[x] = null;\r\n\t\t}\r\n\t\t\r\n\t\tsize = years.length;\r\n\t\tfor (x = 0; x < size; x++)\r\n\t\t{\r\n\t\t\tdocument.getElementById('years').options[x] = new Option(years[x]);\r\n\t\t\tdocument.getElementById('years').options[x].value = years[x];\r\n\t\t}\r\n\t}\r\n}\r\nfunction showLanguage()\r\n{\r\n\tif ($('langDiv').style.display == 'none')\r\n\t\tEffect.BlindDown('langDiv', { duration: 0.2 });\r\n\telse\r\n\t\tEffect.BlindUp('langDiv', { duration: 0.2 });\r\n\treturn;\r\n}\r\n</script>\r\n  ";

if ( $error )

{

    echo $error;

}

else

{

    echo "</p>\r\n<p> </p>\r\n<p>  </p>\r\n<form action=\"login.php\" method=\"post\" onSubmit=\"\"><br/>\r\n<TABLE border=\"0\" cellspacing=\"0\" cellpadding=\"4\" width=\"501px\" height=\"213px\" align=\"center\" style=\"background-image:url(images/login.png);\" >\r\n\t<tr>\r\n    <tr>\r\n    \t<td colspan=\"2\" class=\"headerTitle\">Prijava v Phoenix</td>\r\n    </tr>\r\n      <TD width=\"165\" align=\"right\" class=\"inputTitle\">Uporabniško ime:</TD>\r\n      <td><input type=\"text\" name=\"username\" style=\"width: 150px; border: 1px #0066b3;\" value=\"";

    echo $HTTP_COOKIE_VARS['phoenix_userid'];

    echo "\" /></td>\r\n\t</tr>\r\n\t<tr>\r\n      <TD align=\"right\" class=\"inputTitle\">Geslo:</TD>\r\n      <td><input type=\"password\" name=\"passwd\" style=\"width: 150px; border: 1px #0066b3;\"></td>\r\n\t</tr>\r\n    <tr>\r\n    </tr>\r\n\t<tr>\r\n<td class=\"izpostava2\">Izpostava:</td><td>";

    if ( count( $valids ) )

    {

        $o = "<select id=\"expositure\" name=\"expositure\" style=\"width: 150px\" onchange=\"showYears(this.value)\">";

        if ( $_COOKIE['phoenix_login_selection'] )

        {

            $cookie = explode( "|", $_COOKIE['phoenix_login_selection'] );

        }

        $selNum = false;

        foreach ( $valids as $expNum => $valid )

        {

            if ( is_array( $cookie ) )

            {

                if ( $cookie[0] == $expNum )

                {

                    $sel = " selected=\"selected\"";

                    $selNum = $expNum;

                }

                else

                {

                    $sel = "";

                }

            }

            $o .= "<option value=\"".$expNum."\"".$sel.">".$valid['name']."</option>";

        }

        $o .= "</select> <span class=\"yearTitle\">Leto:</span> ";

    }

    if ( count( $valids ) )

    {

        $o .= "<select id=\"years\" name=\"years\">";

        if ( $selNum && array_key_exists( $selNum, $exp ) )

        {

            $key = $selNum;

        }

        else

        {

            reset( &$valids );

            $key = key( &$valids );

        }

        if ( array_key_exists( $key, $exp ) && count( $exp[$key] ) )

        {

            rsort( &$exp[$key], SORT_NUMERIC );

            foreach ( $exp[$key] as $year )

            {

                if ( is_array( $cookie ) )

                {

                    if ( $cookie[1] == $year )

                    {

                        $sel = " selected=\"selected\"";

                        $yearNum = $year;

                    }

                    else

                    {

                        $yearNum = false;

                        $sel = "";

                    }

                }

                $o .= "<option value=\"".$year."\"".$sel.">".$year."</option>";

            }

        }

        $o .= "</select> <a href=\"javascript:;\" onclick=\"showLanguage()\" class=\"langLink\">Jezik</a>";

        echo $o;

    }

    echo "</td>\r\n    </tr>\r\n    <td colspan=\"2\" align=\"center\" class=\"headerTitle\">\r\n    <div style=\"display: none;\" class=\"langDiv\" id=\"langDiv\">\r\n        \t\t<select name=\"language\" id=\"language\">\r\n                \t<option value=\"2\">Slovenščina</option>\r\n                    <option value=\"1\">English</option>\r\n                    <option value=\"3\">Hrvatski</option>\r\n                    <option value=\"4\">Srbski</option>\r\n                </select>\r\n          </div>\r\n    </td></tr>\r\n    <td colspan=\"2\" align=\"center\" class=\"headerTitle\">\r\n    \t<input class=\"klikni\" type=\"submit\" name=\"submit\" value=\"Prijava\" />\r\n    </td></tr>\r\n</TABLE>\r\n";

    if ( file_exists( "password.php" ) )

    {

        include( "password.php" );

    }

    echo "  ";

}

echo "</form>\r\n";

if ( count( $exp ) )

{

    $temp = array( );

    foreach ( $exp as $expNum => $years )

    {

        rsort( &$years, SORT_NUMERIC );

        array_push( &$temp, $expNum."!".implode( ";", $years ) );

    }

    echo "<input type=\"hidden\" id=\"expYears\" value=\"".implode( "|", $temp )."\" />";

}

echo "</body>\r\n</html>\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n";

?>

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.