cool
cool
<?php ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <script type="text/javascript" src="js/jQuery.js"></script> <script type="text/javascript" src="js/notificationBox.js"></script> <style type="text/css"> #mask { position:absolute; left:0; top:0; z-index:9000; background-color:#eee; display:none; } #boxes .window { position:absolute; left:0; top:0; width:440px; height:100px; display:none; z-index:9999; padding:20px; } #boxes #dialog { font-family:verdana; width:375px; height:103px; padding:10px; background-color:#ffffff; border-top-left-radius: 5pt; border-top-right-radius: 5pt; border-botttom-left-radius: 5pt; border-bottom-right-radius: 5pt; border-bottom-left-radius: 5pt; border: 2px solid lightgrey; } </style> </head> <body> <?php function get_ip_address() { $ip_keys = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR'); foreach ($ip_keys as $key) { // trim for safety measures // attempt to validate IP if (validate_ip($ip)) { return $ip; } } } } } /*** Ensures an ip address is both a valid IP and does not fall within * a private network range.*/ function validate_ip($ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) { return false; } return true; } $setIP = get_ip_address(); ?> <?php //declaring variables $_dbHost = "localhost"; $_dbUser = "root"; $_dbPass = ""; $_dbName = "tutorials"; $_connFailed = "Database connection failed."; $_dbConnFailed = "Database selection failed."; ?> <?php //validate host connection echo $_connFailed; } //validate database echo $_dbConnFailed; } ?> <?php $loginQry = "SELECT * FROM users WHERE uName='$uName' AND uPass='$uPass' AND uIP='$_uIP'"; if($userRaw) { $_SESSION['id'] = $userRaw['id']; echo "<script>windows: location='index.php?id=$uName'</script>"; } else { $msgOut = "Sorry you can't login. Please check your input username and password."; } } ?> <div> <?php echo $msgOut?> </div> <div> <fieldset> <legend>User Authentication</legend> <form action="login.php" method="post"> Username: <br /> <input type="text" name="uName" placeholder="Username!"> <br /> <br /> Password: <br /> <input type="password" name="uPass" placeholder="Password!"> <br /> <br /> IP Address: <br /> <input type="text" name="uIP" value="<?php echo $setIP; ?>"> <br /><br /> <input type="submit" name="login" value="Login"><input type="reset" value="Clear"> </form> <br /> <a href="login.php">Not yet registered?</a> </fieldset> </div> <?php $_uIP = $setIP; $query = mysql_query("Select * From users Where uIP = '$_uIP'") or die ("Database query failed." . mysql_error()); } else { ?> <div id="boxes" onClick="window.location='register.php'"> <div style="top: 199.5px; left: 551.5px; display: none;" id="dialog" class="window"> <b style="color: #336699;">System Notification</b> <hr /> <div> <font color="red"><b>Your machine is not recognized. Please ask for assistance to your system administrator.</b></font> </div> </div> <div style="width: 1478px; height: 202px; display: none; opacity: 0.8;" id="mask"> </div> </div> <?php } ?> <?php //$query = mysql_query("Select * From users Where "); ?> </body> </html>
Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. After downloading it, you will need a program like Winzip to decompress it.
Virus note: All files are scanned once-a-day by SourceCodester.com for viruses, but new viruses come out every day, so no prevention program can catch 100% of them.
FOR YOUR OWN SAFETY, PLEASE:
1. Re-scan downloaded files using your personal virus checker before using it.
2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
cool