Sudden my website admin panel no longer works and i’ve tired many ways to edit it and all are faild.
Please show me where the error should be
Database
CREATE TABLE `egadmin` (
`AdminID` int(10) NOT NULL auto_increment,
`username` varchar(50) NOT NULL default '',
`password` varchar(50) NOT NULL default '',
PRIMARY KEY (`AdminID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
INSERT INTO `egadmin` VALUES (1, 'admin', 'pass');
conn.php [connection file]
<?php
$db_host = "localhost";
$db_username = "root";
$db_password = "mypass";
$db_name = "dbname";
$connection = mysql_connect($db_host, $db_username, $db_password) or die(mysql_error());
$db = mysql_select_db($db_name, $connection);
?>
index.php [Login Form]
<form action="validate.php" method="post">
ID <input type="text" name="userid" id="userid" />
Password <input type="password" name="password" id="password" />
<input type="submit" name="submit" value="Submit" />
</form>
validate.php [Login form send it to validate.php]
<?php
require_once("conn.php");
$user = $_POST["userid"];
$pass = sha1($_POST["password"]);
$query = "SELECT * FROM egadmin WHERE username = '$user' AND password = '$pass'";
$result = mysql_query($query);
if (mysql_fetch_row($result)) {
session_start();
header("Cache-control: private");
$_SESSION["access"] = "granted";
header("Location: secure.php");
} else
header("Location: index.php");
?>
secure.php [Should be the protected file]
<?php
session_start();
header("Cache-control: private");
if ($_SESSION["access"] == "granted")
echo "blah blah blah";
else
header("Location: index.php");
?>
The problem
every time i enter correct login informations (username,password) it keep resend me to login form (index.php) so it looks like it can not create $_SESSION at all.
Any help please how to fix it or why that error
Note : PHP Version 5.2.17 | register_globals = On (also not working if it Off)
Your trying to compare a encrypted password to a non encrypted password. Make sure the pass in the database is also encrypted.