Всем привет! Помогите пожалуйста найти ошибку которая при входе в админку выбрасывает на главную страницу.Браузер ничего не показывает.Вот 2 файла в которых пытаюсь найти ошибку.Кажется проблема в сессиях. Код файла mradio_admin.php | Код |
<?php
require( dirname(__FILE__).'/mradio_config.php');
$action= (isset($_POST['action'])) ? $_POST['action'] : 'login';
$title="Login page";
switch($action) {
case 'login' :
$is_loged_in=false;
$user_login='';
$user_pass='';
$error='';
if ( $_POST ) {
$username=trim($_POST['log']);
$username = sanitize_user($username);
$password=trim($_POST['pwd']);
//bigin check login
$redir_to=get_settings('general','siteurl')."/mradio_admin/index.php";
$sql="SELECT count(unauth_login) as falses FROM ".$myradio->unauth." WHERE
unauth_logintime>DATE_SUB(NOW(),INTERVAL 1 HOUR) AND unauth_ip='$REMOTE_ADDR'";
$errors = @mysql_result(mysql_query($sql),0);
if (mysql_error())
die(mysql_error());
elseif ($errors>5) {
$myradio->db_error="Access denied! Try to login from an hour!";
}
elseif($username=='' || $password==''){
$myradio->db_error="Enter login and password!";
}
else {
$sql="SELECT * FROM ".$myradio->users." WHERE
user_login='$username' AND user_pass='". md5($password). "'";
$result = mysql_query($sql);
if (mysql_error()) die(mysql_error());
elseif (@mysql_num_rows($result)!=1){
$myradio->db_error="Wrong username or password!";
$sql="INSERT INTO ".$myradio->unauth." (unauth_login, unauth_pass, unauth_ip, unauth_logintime) VALUES
('$username', '".md5($password)."', '$REMOTE_ADDR $HTTP_X_FORWARDED_FOR', '".date('Y-m-d H:i:s',mktime())."')";
@mysql_query($sql);
}
else {
$data = mysql_fetch_assoc($result);
mysql_free_result($result);
//session_set_cookie_params(1800, "/");
session_start();
$_SESSION['user'] = $user;
/* session_register('user'); */
$user['login']=$data['user_login'];
$user['pass']=$data['user_pass'];
$user['status']=$data['user_status'];
header("Location: {$redir_to}");
exit();
}
}
if (isset($_COOKIE[session_name()]))
setcookie(session_name(),'');
unset($user);
//end check login
}
nocache_headers();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo $title; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="mradio_admin/admin.css" type="text/css">
</head>
<body>
<div align="center">
<h3>Login:</h3>
<div id="logo"></div>
<div id="error_mes">
<?php echo $myradio->db_error; ?>
</div>
<div id="login_form">
<form name="loginform" id="loginform" action="mradio_admin.php" method="post">
<p>Username :<br>
<input type="text" name="log" id="log" value="" size="20"/>
</p>
<p>Password :<br>
<input type="password" name="pwd" id="pwd" value="" size="20"/>
</p>
<p>
<input type="submit" name="submit" id="submit" value="Login"/>
</p>
</form>
<!--<p><a href="/mradio_admin.php?action=lostpas">Lost your password?</a></p>-->
</div>
</div>
</body>
</html>
<?php
break;
}
function check_login($username, $password, $already_md5 = false) {
global $myradio;
}
?>
|
Код файла admin.php | Код |
<?php
require('../mradio_config.php');
$session_error = false;
if (!isset($_COOKIE[session_name()]))
$session_error = true;
else {
session_start();
$_SESSION['user'] = $user;
/* session_register("user"); */
if (!isset($user["login"]) || !isset($user["pass"]) || !isset($user["status"]))
$session_error = true;
};
if (!$session_error) {
$sql="SELECT user_id FROM ".$myradio->users." WHERE
user_login='{$user['login']}' AND user_pass='{$user['pass']}'
AND user_status='{$user['status']}'";
$check_result = mysql_query($sql);
if (mysql_error() || @mysql_num_rows($check_result) != 1)
$session_error = true;
};
if ($session_error) {
@session_destroy();
if (isset($_COOKIE[session_name()]))
@setcookie(session_name(),"","/");
@header("Location: ".get_settings('general','siteurl'));
exit();
};
mysql_free_result($check_result);
?>
|
|
Выбрасывает на главную страницу 
Загрузка ...
