<?php
// -------------------------------------------------------------------------//
// KSMS ^ Short Message System Manager										//
// -------------------------------------------------------------------------//
// Copyright (C) 2002-2006 Paolo Remonato                                   //
// http://www.assiplan.it/sms/                                              //
// -------------------------------------------------------------------------//
// version: (see /KSMS/vers.inc.php)										//
// -------------------------------------------------------------------------//

###		@version 	: 2006-02-21,v1.2.35	kingmo
###		@last sing_upd 	: 
###		@filename 	: 

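define('IN_KSMS', true);

// Bootstrap for the admin login page: configuration, session, globals, DB handle, page header.
require("admconfig.inc.php");
// $cfg is not defined in this file; presumably admconfig.inc.php sets it — confirm.
$sesspth = $cfg["sespath"];
session_save_path($sesspth);
session_start();
// Clear these names before admgrab_globals.inc.php runs.
// NOTE(review): presumably this stops request- or session-supplied values from
// pre-seeding the login state; verify against admgrab_globals.inc.php.
unset($adm_login, $project_name, $imgs_admin_dir, $imgs_pub_dir, $privs);
require("admgrab_globals.inc.php");
require("admconnection.inc.php");
require("admheadlog.inc.php");

// Read the config table to obtain the image directories used below.
$adconf = $db->Execute("SELECT * FROM config");
if (!$adconf) {
   // This page is reachable without authentication, so the driver's error text
   // goes to the server log instead of the response.
   error_log("KSMS admlogin: config SELECT failed: " . $db->ErrorMsg());
   echo "<table class=\"notice\" width=\"100%\"><tr><td>DB SELECT_ERROR</td></tr></table>";
   // The original used `break` here, which is invalid outside a loop or switch
   // (a compile error on PHP 7+); stop the request explicitly instead.
   exit;
}
$imgs_pub_dir = $adconf->fields["imgs_pub_dir"];
$imgs_admin_dir = $adconf->fields["imgs_admin_dir"];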

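/**
 * Print the administrator login form.
 *
 * The form posts auid, apasswd and a hidden action=check_user back to
 * admlogin.php. When CHECK_ADMIN_ACCESS is 'off' the username field is
 * pre-filled with "admin"; otherwise it is left empty.
 */
function user_form() {
   // Only two fixed values are ever written into the attribute, so no escaping is needed.
   $defaultUser = (CHECK_ADMIN_ACCESS == 'off') ? 'admin' : '';
?>
   <table class="default" border="0" cellpadding="10" width="100%"><tr><td>
      <table class="default" border="0" cellpadding="0" cellspacing="0" width="100%">
         <tr>
            <td align="left">
               <a href="../../KSMS/">
                  <img src="../images/logoKS.gif" alt="visit our main site!" width="199" height="84" border="0">
               </a>
               <hr>
            </td>
            <td align="center">
               <img src="../images/base.gif" alt="KSMS BY ASSIPLAN.IT" width="107" height="149" border="0">
            </td>
         </tr>
      </table>
      <table class="default" align="center" border="0" cellpadding="1" cellspacing="0">
         <form action="admlogin.php" method="post" name="form1">
         <tr class="row_head">
            <td align="center" colspan="2"><b>Restricted page! Put your data here</b></td>
         </tr>
         <tr class="row_even">
            <td align="center" colspan="2">&nbsp;</td>
         </tr>
         <tr class="row_even">
            <td align="right">Username:</td>
            <td><input type="text" name="auid" size="16" value="<?php echo $defaultUser; ?>"></td>
         </tr>
         <tr class="row_even">
            <td align="right">Password:</td>
            <td><input type="password" name="apasswd" size="16" value=""></td>
         </tr>
         <tr class="row_even">
            <td colspan="2">
               <input type="submit" value="Login">
            </td>
         </tr>
         <input type="hidden" name="action" value="check_user">
         </form>
      </table>
      <br>
      <div align="center"><font face="Verdana,Geneva,Arial,Helvetica,sans-serif" size="2" color="#FC5301">The Help Page is under construction!</font></div>
   </td></tr></table>
   <script language="JavaScript">
      document.form1.auid.focus();
   </script>

  <?php
}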

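// Dispatch on the requested action: "check_user" validates a login attempt,
// anything else just shows the login form.
// $action is not assigned in this file; presumably admgrab_globals.inc.php sets it — confirm.
$action = strtolower($action);
switch ($action) {
   case "check_user":
      // Accept only plain strings; a missing field or an array value (auid[]=x) becomes ''.
      $auid = (isset($_POST['auid']) && is_string($_POST['auid'])) ? $_POST['auid'] : '';
      $apasswd = (isset($_POST['apasswd']) && is_string($_POST['apasswd'])) ? $_POST['apasswd'] : '';

      // The login name is request data, so it is passed as a bound parameter
      // instead of being interpolated into the SQL text.
      // NOTE(review): assumes $db is an ADOdb connection (Execute/ErrorMsg/RecordCount
      // match that API); confirm in admconnection.inc.php.
      $user = $db->Execute("SELECT * FROM config WHERE adm_login=?", array($auid));
      if (!$user) {
         // Keep driver error details in the server log, not in a pre-auth response.
         error_log("KSMS admlogin: login lookup failed: " . $db->ErrorMsg());
         echo "<table class=\"notice\" width=\"100%\"><tr><td>DB ERROR</td></tr></table>";
         break;
      }

      $authenticated = false;
      if ($user->RecordCount() > 0) {
         if (CHECK_ADMIN_ACCESS == 'off') {
            // Install-time switch from admconfig.inc.php: with 'off' any existing
            // login name is accepted without a password. It must be 'on' in production.
            echo '<br />';
            echo '<font face="Verdana,Geneva,Arial,Helvetica,sans-serif" size="4" color="#B10505">';
            print "WARNING : in admin/admconfig.inc.php you must setup this variable to \"on\"";
            print "define(\"CHECK_ADMIN_ACCESS\", \"on\");";
            echo '</font>';
            echo '<br />';
            $authenticated = true;
         } else {
            // Strict comparison: with a loose != two digests of the form "0e<digits>"
            // compare as numbers and would be treated as equal.
            // NOTE(review): adm_pass holds an unsalted MD5 digest; moving to
            // password_hash()/password_verify() needs a data migration outside this file.
            $authenticated = (md5($apasswd) === (string) $user->fields["adm_pass"]);
         }
      }

      if (!$authenticated) {
         // One message for both failure cases, so the response does not reveal
         // whether the login name exists.
         echo "<table class=\"notice\" width=\"100%\"><tr><td>Invalid username or password.</td></tr></table><br><br>";
         user_form();
         break;
      }

      // NOTE(review): the session id is not rotated on login. session_regenerate_id()
      // must run before any output is sent, and admheadlog.inc.php is required before
      // this point — confirm where it can be called.
      $_SESSION["adm_login"] = $user->fields["adm_login"];
      $_SESSION["project_name"] = $user->fields["project_name"];
      $_SESSION["imgs_pub_dir"] = $user->fields["imgs_pub_dir"];
      $_SESSION["imgs_admin_dir"] = $user->fields["imgs_admin_dir"];
      $_SESSION["privs"] = $user->fields["adm_privs"];
      require("footer2.inc.php"); ?>
      <script language="JavaScript">
         window.location="index.php";
      </script> <?php
      // Stop here: the original fell through after a successful login and went on to
      // print "Invalid Username.", the login form and a second footer.
      exit;
   default:
      user_form();
      break;
}

require("footer2.inc.php"); ?>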