PhpSnip.com

Navigation

Resources

User Stats

  • 3313 subscribers
    ( Subscribe Now )
  • 7 guests online
  • 580 hits Today
  • 589 hits Yesterday
  • 23628 hits this month
  • Total 514360 hits
  • Total Scripts : 580

PHP login and Log to MySQL

Simple and relativity safe login scripts for web sites with secret contains and multiple users. All traffic is loged to MySQL database for possible latter analysis... This scrips work correctly only with PHP 4.2 and higher...

Info

 Download  View Source (print view)
 Rating : 4.7  Views : 663

Source Code ( 161 lines )

<!--login.php-->
<html>
<head>
       <title>Login Entry Point</title>
</head>
<body>
<!--
Simple and relativity safe login scripts for web sites with secret contains and 
multiple users. All traffic is loged to MySQL database for possible latter analysis... 
This scrips work correctly only with PHP 4.2 and higher and default php.ini settings 
( register_globals option is turned off,  so some older scripts need revitalisation )
hidden inputs ( client detection variables must be register with new EGPCS futures )
in form go to MySQL log file. Set of new EGPCS values contain:
$_ENV --  system environment variables
$_SERVER --  server variables ( HTTP_USER_AGENT etc )
$_SESSION --  session variables 
$_GET --  variables in the query string ( from GET forms, too )
$_POST --  variables submitted from POST forms
$_COOKIE --  cookie variables
$_REQUEST -- everything in $_GET, $_POST, and $_COOKIE
Scripts are tested with Win2000/IIS 5/PHP 4.2.1 and working with older versions of 
PHP ( and Apache server), too, but intrusion is possible via browser command line input
( in this case: http://localhost/log2db.php?authorized=1 )
author e-mail: brane.slevec@telesat.si 
-->
<?php
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
$HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
?>
<form action="log2db.php" method="POST">
   <input type="hidden" name="date_time" value="<? echo date ("l dS of F Y h:i:s A"); ?>"/>
   <input type="hidden" name="day" value="<? echo date ("l"); ?>"/>
   <input type="text" name="username" />  UN <br />
   <input type="password" name="password" />  PW <br /><br />
   <input type="hidden" name="ip" value="<? echo "$REMOTE_ADDR"; ?>"/>
   <input type="hidden" name="client" value="<? echo "$HTTP_USER_AGENT"; ?>"/>
   <input type="submit" value="LOGIN HERE....." />  GO
</form>
</body>
</html>
<!--end of script-->

<!--log2db.php-->
<?php
//Main part of this set of 3 scripts...
$username = $_POST['username'];
$password = $_POST['password'];
$username1 = $_POST['username'];
$password1 = $_POST['password'];
$date_time = $_POST['date_time'];
$day = $_POST['day'];
$ip = $_POST['ip'];
$client = $_POST['client'];
if(
   $username1 == 'un1'
   and
   $password1 == 'pw1'
   or
   $username1 == 'un2'
   and
   $password1 == 'pw2'
   or
   $username1 == 'un3'
   and
   $password1 == 'pw3'
   or
   $username1 == 'un4'
   and
   $password1 == 'pw4'
   )
   $authorized = true;
else
{
    echo "<H2>Invalid user name or password: access denied.</H2>";
    $log = "access denied";
}
?>
<?php if (!$authorized):
else: ?>
<a href="../">ENTER</a><br /><br />
<a href="">ENTER</a><br /> <br />
<a href="log_db.php">LOG`S</a>
<?php endif; ?>
<?
$sqlhostname = "localhost";
$login2 = "root";
$password2 = "mysql_password";
$base = "login";
$db_connect = mysql_connect($sqlhostname,$login2,$password2);
$base_selection = mysql_select_db($base,$db_connect);
$query = "INSERT INTO log VALUES (NULL, '$date_time', '$username', '$password',
'$ip', '$client', '$log', '$day')";
$req = mysql_query($query);
if (!$req)
{ echo "<B>Error ".mysql_errno()." :</B> ".mysql_error()."";
exit; }
echo "<br /><br />";
echo "Your login has been loged...";
echo "<br>";
echo ("<li>"."<a href="login.php">LOGIN AGAIN?</a>"."</li>");
?>
<!--end of script-->

<!--log_db.php-->
<?
$sqlhostname = "localhost";
$login = "root";
$password = "mysql_password";
$base = "login";
$db_connect = mysql_connect($sqlhostname,$login,$password);
$base_selection = mysql_select_db($base,$db_connect);
$query = "SELECT * FROM log ";
/*$query = "SELECT * FROM log WHERE log=''";*/
/*$query = "SELECT * FROM log WHERE day='Friday'";*/
/*$query = "SELECT * FROM log WHERE log='' AND day='Saturday'";*/
/*$query = "SELECT * FROM log WHERE username='un1' AND day='Sunday'";*/
/*$query = "SELECT * FROM log WHERE log='access denied'";*/
/*$query = "SELECT * FROM log WHERE log='access denied' AND day='Monday'";*/
$req = mysql_query($query);
if (!$req)
{ echo "<B>Error ".mysql_errno()." :<br /> ".mysql_error()."";
exit; }
$res = mysql_num_rows($req);
if ($res == 0)
   { echo "<center><b>Log file is empty...</b></center>";}
else
   { while($row = mysql_fetch_array($req))
            {
               extract($row);
   echo"<hr size='1' noshade color='#FF0000'>";
   echo"<h2>$log</h2>
        $id -
		$date_time<br /><br />
        IP - <b>$ip</b><br />
		UN - <b>$username</b><br />
		PW - <b> $password</b><br /><br />
  		$client<br />
        <h2>$log</h2>
        <hr size='1' noshade color='#0000FF'>";
    }
mysql_free_result($req);
}
?>
<!--end of script-->

<!--MySQL database-->
<!--
Create db named "login" with this dump table structure:
CREATE TABLE log (
  id int(11) NOT NULL auto_increment,
  date_time tinytext NOT NULL,
  username tinytext NOT NULL,
  password tinytext NOT NULL,
  ip tinytext NOT NULL,
  client tinytext NOT NULL,
  log tinytext NOT NULL,
  day tinytext NOT NULL,
  PRIMARY KEY  (id)
) TYPE=MyISAM;

<!--end of scripts-->

Search

Subscribe

  Rss Feeds

Recently Searched

php script" class="neww" target="_b, how to use this code, php_tools, yahoo_status_shopping_cart.php, php file upload, shopping_cart and user=0--, drop down, mysql_commit, forum, shopping_cart', backup, updateoraddimagesonpages, rtttl to 8 bit source code, stefan_hornea, rent_and_0=1_union_select, how to run php, php_script"_class="neww"_target="_blank"_title="im_neuen, embed_snippets, farah_aead, sql incection, antoine anik

Sponsors

Advertise

Copyrights 2010 PhpSnip.com. All rights reserved.