ok

Mini Shell

Direktori : /home/ngwcolle/www/admin/
Upload File :
Current File : //home/ngwcolle/www/admin/index.php

<?php session_start();
error_reporting(1);
include 'includes/config.php';
if (empty($_SESSION['token'])) {
    $_SESSION['token'] = bin2hex(random_bytes(32));
    $_SESSION["token-expire"] = time() + 3600; // 1 hour = 3600 secs
}
if (isset($_POST['login'])) {

    if (hash_equals($_SESSION["token"], $_POST["token"])) {

        $uname = $_POST['username'];
        $Password = md5($_POST['inputpwd']);
        $stmt = $mysqli->prepare("select ID,AdminName,isActive from tbladmin where  AdminuserName=? && Password=? ");
        $stmt->bind_param("ss", $uname, $Password);
        $stmt->execute();
        // $query = mysqli_query($con, "select ID,AdminName,isActive from tbladmin where  AdminuserName='$uname' && Password='$Password' ");
        $result = $stmt->get_result();
        $ret = $result->fetch_assoc();
        if ($ret > 0) {
            $_SESSION['aid'] = $ret['ID'];
            unset($_SESSION['token']);
            unset($_SESSION['token-expire']);
            header('location:dashboard.php');
        } else {
            echo "<script>alert('Invalid Details.');</script>";
        }
    } else {
        echo '<script>alert("Malicious Data found & submitted. Please try again.")</script>';
    }
}
?>


<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Admin Login</title>

    <!-- Custom fonts for this template-->
    <link href="vendor/fontawesome-free/css/all.min.css" rel="stylesheet" type="text/css">
    <link href="https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i" rel="stylesheet">

    <!-- Custom styles for this template-->
    <link href="css/sb-admin-2.min.css" rel="stylesheet">

</head>

<body style="background-image: linear-gradient(to right top, #051937, #004d7a, #008793, #00bf72, #a8eb12);">

    <div class="container">

        <!-- Outer Row -->
        <div class="row justify-content-center">

            <div class="col-xl-10 col-lg-12 col-md-9">
                <?php $query = mysqli_query($con, "select * from tblsite");
                while ($row = mysqli_fetch_array($query)) {
                    $logo = $row['siteLogo'];
                    $wtitle = $row['siteTitle'];
                } ?>
                <p align="center">
                    <img src="uploadeddata/<?php echo $logo; ?>" width="150">
                </p>
                <h3 align="center" style="margin-top:4%;color:#fff"><?php echo $wtitle; ?></h3>
                <div class="card o-hidden border-0 shadow-lg my-5">

                    <div class="card-body p-0">
                        <!-- Nested Row within Card Body -->
                        <form name="login" method="post" autocomplete="off">
                            <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['token']); ?>">
                            <div class="row">
                                <div class="col-lg-6 d-none d-lg-block bg-login-image"></div>
                                <div class="col-lg-6">
                                    <div class="p-5">
                                        <div class="text-center">
                                            <h1 class="h4 text-gray-900 mb-4">Welcome Back!</h1>
                                        </div>
                                        <form class="user">
                                            <div class="form-group">
                                                <input type="text" class="form-control" name="username" id="username" placeholder="Enter username" required="true">
                                            </div>
                                            <div class="form-group">
                                                <input type="password" class="form-control" name="inputpwd" id="inputpwd" placeholder="Password">
                                            </div>
                                            <input type="submit" name="login" class="btn btn-primary btn-user btn-block" value="login">
                                        </form>
                                        <hr>
                                        <div class="text-center">
                                            <a class="small" href="password-recovery.php" style="font-weight:bold">Forgot Password?</a>

                                        </div>

                                        <div class="text-center">
                                            <a class="small" href="../index.php" style="font-weight:bold;"><i class="fa fa-home" aria-hidden="true"></i> Home Page</a>
                                        </div>

                                    </div>
                                </div>
                            </div>

                        </form>

                    </div>
                </div>

            </div>

        </div>

    </div>

    <!-- Bootstrap core JavaScript-->
    <script src="vendor/jquery/jquery.min.js"></script>
    <script src="vendor/bootstrap/js/bootstrap.bundle.min.js"></script>

    <!-- Core plugin JavaScript-->
    <script src="vendor/jquery-easing/jquery.easing.min.js"></script>

    <!-- Custom scripts for all pages-->
    <script src="js/sb-admin-2.min.js"></script>

</body>

</html>

Zerion Mini Shell 1.0