Hey Guys,
I was trying to code a Content Management System, but I can't log into the Administration Area. The rest of the Website work very well. I can't figure out why I can't log into the Admin Area. Here is the Code of some files.
This is the index.php.
<?php
/* load konfuration files */
include('../inc/base.inc.php');
include('../inc/adminfunctions.inc.php');
include('../inc/login.inc.php');
/* Check if logged in, else login -> login.inc.php */
if(is_logged_in())
{
/* read given variables */
$cmd = $_GET['cmd'];
$id = $_GET['id'];
/* read template */
$template = get_file_as_string($base['adm_template']);
/* load content */
switch(strtolower($cmd))
{
default:
case 'news':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>News</i></h4>';
$base['adm_content'] .= load_admin_news();
break;
case 'newsedit':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>News bearbeiten</i></h4>';
$base['adm_content'] .= load_admin_newsedit($id);
break;
case 'newsadd':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>News erstellen</i></h4>';
$base['adm_content'] .= load_admin_newsadd($id);
break;
case 'newsdel':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>News löschen</i></h4>';
$base['adm_content'] .= load_admin_newsdel($id);
break;
case 'downloads':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Downloads</i></h4>';
$base['adm_content'] .= load_admin_downloads();
break;
case 'downloadsedit':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Downloads bearbeiten</i></h4>';
$base['adm_content'] .= load_admin_downloadsedit($id);
break;
case 'downloadsadd':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Download hinzufügen</i></h4>';
$base['adm_content'] .= load_admin_downloadsadd($id);
break;
case 'downloadsdel':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Download löschen</i></h4>';
$base['adm_content'] .= load_admin_downloadsdel($id);
break;
case 'links':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Links</i></h4>';
$base['adm_content'] .= load_admin_links();
break;
case 'linkedit':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Links bearbeiten</i></h4>';
$base['adm_content'] .= load_admin_linkedit($id);
break;
case 'linkadd':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Link hinzufügen</i></h4>';
$base['adm_content'] .= load_admin_linkadd($id);
break;
case 'linkdel':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Link löschen</i></h4>';
$base['adm_content'] .= load_admin_linkdel($id);
break;
case 'articles':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Artikel</i></h4>';
$base['adm_content'] .= load_admin_articles();
break;
case 'articleedit':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Artikel bearbeiten</i></h4>';
$base['adm_content'] .= load_admin_articleedit($id);
break;
case 'articleadd':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Artikel erstellen</i></h4>';
$base['adm_content'] .= load_admin_articleadd($id);
break;
case 'articledel':
$base['adm_content'] = '<h4>'.$base['adm_actual'].'<i>Artikel löschen</i></h4>';
$base['adm_content'] .= load_admin_articledel($id);
break;
}
/* replace placeholders */
$template = str_replace($base['tag_start'].'title'.$base['tag_end'],$base['adm_title'],$template);
$template = str_replace($base['tag_start'].'shortnav'.$base['tag_end'],$base['adm_shortnav'],$template);
$template = str_replace($base['tag_start'].'navigation'.$base['tag_end'],$base['adm_navigation'],$template);
$template = str_replace($base['tag_start'].'content'.$base['tag_end'],$base['adm_content'],$template);
$template = str_replace('$PHP_SELF',$PHP_SELF,$template);
/* show template */
echo stripslashes($template);
}
?>
It loads the function "is_logged_in" from the file login.inc.php:
<?php
/* Session initialisieren */
session_start();
/* Überprüft, ob ein Login erfolgt ist */
function is_logged_in()
{
global $base;
/* User angemeldet? */
if($_SESSION['authenticated'] == true)
{
return true;
}
/* Login ausgeben */
else
{
$content = '<h4>Login</h4>';
$content .= '<form action="login.php" method="post">';
$content .= '<table border="0" cellpadding="2" cellspacing="0">';
$content .= '<tr>';
$content .= '<td>Benutzername:</td><td><input type="text" name="username" size="32" maxlength="64"></td>';
$content .= '</tr><tr>';
$content .= '<td>Passwort:</td><td><input type="password" name="password" size="32"></td>';
$content .= '</tr><tr>';
$content .= '<td></td><td><input type="submit" value="Login"></td>';
$content .= '</tr>';
$content .= '</table>';
$content .= '</form>';
$template = get_file_as_string($base['adm_template']);
$template = str_replace($base['tag_start'].'title'.$base['tag_end'],$base['adm_title'],$template);
$template = str_replace($base['tag_start'].'shortnav'.$base['tag_end'],' ',$template);
$template = str_replace($base['tag_start'].'navigation'.$base['tag_end'],' ',$template);
$template = str_replace($base['tag_start'].'content'.$base['tag_end'],$content,$template);
$template = str_replace('$PHP_SELF',$PHP_SELF,$template);
echo stripslashes($template);
return false;
}
}
?>
And this is the login.php file:
<?php
/* Session initialisieren */
session_start();
/* read given variables */
$username = $_POST['username'] ? $_POST['username'] : false;
$password = $_POST['password'] ? $_POST['password'] : false;
if($username && $password)
{
/* create encrypted password */
$encrypted = md5($username,$password);
include('../inc/database.inc.php');
$connection = mysql_connect($db['host'],$db['uid'],$db['pwd']);
if($connection)
{
if(mysql_select_db($db['db']))
{
$sql = "SELECT id FROM user WHERE (username = '$username') AND (password = '$encrypted') AND (active = 'true')";
$result = mysql_query($sql);
if($result && (@mysql_num_rows($result) > 0))
{
$row = mysql_fetch_row($result);
$_SESSION['authenticated'] = true;
$_SESSION['user_id'] = $row[0];
$_SESSION['username'] = $username;
}
else
{
$_SESSION['authenticated'] = false;
}
}
}
}
/* Umleitung */
header('Location: index.php');
?>
I really can't figure out, why I can't login. can someone help my with this Problem?
Have a nice day.