Removing Password Requirements from this PHP page?


Dragon_12dk

Hello, I have been working on relocating an HTML form from an admin panel over to a new page where anyone can access. However the Action will produce a 403 because they can't access the admin panel. So essentially I am trying to scrap the old admin panel to make it into an upload area... Anyways, what I am trying to do is simply remove the login requirement from a page so anyone may access it. However I keep breaking the page when I try to remove the login...

 

Here is the PHP where I am trying to remove the password / login requirements so that anyone can access.

 

Any help would be awesome :D

<?php
function PageMain() {
    global $TMPL;

    $time = time()+86400;
    $exp_time = time()-86400;

    $TMPL['loginForm'] = '
    <form action="/index.php?a=admin" method="post">
    Username: <input type="text" name="username" value="admin" /><br />
    Password: <input type="password" name="password" value="password" /><br /><br />
    <input type="submit" value="Log In" name="login"/>
    </form>
    <div class="addurlSmall">Note: The password is case-sensitive.</div>';

    if(isset($_POST['login'])) {
        // Login form submitted: store the credentials in cookies and redirect
        header("Location: /index.php?a=admin");
        $username = $_POST['username'];
        $password = $_POST['password'];

        setcookie("username", $username, $time);
        setcookie("password", $password, $time);

        $query = sprintf('SELECT * from users where username = "%s" and password ="%s"', mysql_real_escape_string($_COOKIE['username']), md5(mysql_real_escape_string($_COOKIE['password'])));
    } elseif(isset($_COOKIE['username']) && isset($_COOKIE['password'])) {
        // Cookies present: check them against the users table on every request
        $query = sprintf('SELECT * from users where username = "%s" and password ="%s"', mysql_real_escape_string($_COOKIE['username']), md5(mysql_real_escape_string($_COOKIE['password'])));

        if(mysql_fetch_row(mysql_query($query))) {
            $TMPL['success'] = '<div class="success">Welcome <strong>'.$_COOKIE['username'].'</strong>, <a href="/index.php?a=admin&logout=1">Log Out</a></div>';
            $TMPL['rowsTitle'] = '<h3>Top 15 Keywords</h3><div class="addurlSmall">Delete one or more keywords by clicking the <strong>X</strong> sign.<br /><br /></div>';
            $TMPL['loginForm'] = '';

            // Ads: update (request values go straight into the SQL string) and list
            $TMPL_old = $TMPL; $TMPL = array();
            $skin = new skin('admin/ads'); $ads = '';
            $query = 'SELECT ad1,ad2,ad3 from users';
            $result = mysql_query($query);
            if(isset($_POST['ads1']) || isset($_POST['ads2']) || isset($_POST['ads3'])) {
                $query = 'UPDATE `users` SET ad1 = \''.$_POST['ads1'].'\', ad2 = \''.$_POST['ads2'].'\', ad3 = \''.$_POST['ads3'].'\' WHERE username = \''.$_COOKIE['username'].'\'';
                mysql_query($query);
                header("Location: /index.php?a=admin");
            }
            while($TMPL = mysql_fetch_assoc($result)) {
                $ads .= $skin->make();
            }

            // Top 15 keywords, with delete by id
            $skin = new skin('admin/rows'); $all = '';
            $query = 'SELECT id,keyword, count from keywords WHERE keyword !="Search..." ORDER BY count DESC LIMIT 0,15';
            $result = mysql_query($query);
            while($TMPL = mysql_fetch_assoc($result)) {
                $all .= $skin->make();
            }
            if(isset($_GET['delete'])) {
                $delQuery = 'DELETE from `keywords` where id = '.$_GET['delete'].'';
                mysql_query($delQuery);
                header("Location: /index.php?a=admin");
            }

            // Remove a site from the index
            $skin = new skin('admin/remove'); $remove = '';

            if(isset($_POST['remove'])) {
                $query = 'DELETE from web WHERE id = "'.$_POST['remove'].'"';
                mysql_query($query);
                header("Location: /index.php?a=admin");
            }
            $remove .= $skin->make();

            // Site title
            $skin = new skin('admin/title'); $title = '';

            $queryTitle = "SELECT title from users where id = '1'";
            $resultTitle = mysql_fetch_row(mysql_query($queryTitle));
            $TMPL['currentTitle'] = $resultTitle[0];

            if(isset($_POST['title'])) {
                $query = 'UPDATE `users` SET title = \''.$_POST['title'].'\' WHERE username = \''.$_COOKIE['username'].'\'';
                mysql_query($query);
                header("Location: /index.php?a=admin");
            }
            $siteTitle .= $skin->make();

            // Add a site to the index (the form the thread is about)
            $skin = new skin('admin/add'); $title = '';

            if(isset($_POST['addtitle']) && isset($_POST['addurl']) && isset($_POST['adddesc'])) {
                $url = parse_url($_POST['addurl']);
                $date = date("d M Y");
                $query = "INSERT INTO `web` (`url` ,  `title` ,  `description`, `date`) VALUES ('http://".$url['host']."', '".$_POST['addtitle']."', '".$_POST['adddesc']."', '".$date."')";
                mysql_query($query);
                header("Location: /index.php?a=admin");
            }
            $add .= $skin->make();

            // Change the admin password
            $skin = new skin('admin/password'); $password = '';
            if(isset($_POST['pwd'])) {
                $pwd = md5($_POST['pwd']);
                $query = 'UPDATE `users` SET password = \''.$pwd.'\' WHERE username = \''.$_COOKIE['username'].'\'';
                mysql_query($query);
                header("Location: /index.php?a=admin");
            }
            $password .= $skin->make();

            $TMPL = $TMPL_old; unset($TMPL_old);
            $TMPL['add'] = $add;
            $TMPL['rows'] = $all;
            $TMPL['ads'] = $ads;
            $TMPL['remove'] = $remove;
            $TMPL['password'] = $password;
            $TMPL['siteTitle'] = $siteTitle;

            // Log out: expire both cookies
            if(isset($_GET['logout']) == 1) {
                setcookie('username', '', $exp_time);
                setcookie('password', '', $exp_time);
                header("Location: /index.php?a=admin");
            }
        } else {
            $TMPL['error'] = '<div class="error">Invalid username or password. Remember that the password is case-sensitive.</div>';
            unset($_COOKIE['username']);
            unset($_COOKIE['password']);
        }
    }

    $queryTitle = "SELECT title from users where id = '1'";
    $resultTitle = mysql_fetch_row(mysql_query($queryTitle));

    $TMPL['title'] = 'Admin - '.$resultTitle[0].'';
    $skin = new skin('admin/content');
    return $skin->make();
}
?>

My thought on this would be for you to replace the following...

$username = $_POST['username'];
$password = $_POST['password'];

...with...

$username = 'guest';
$password = 'password123';

...and then create a guest account for this login to use.


Hmmm, you need to explain why you need this code to run. I doubt that you want guests to have admin privileges. This code is a function PageMain(). What other code calls the function PageMain() ?


The idea of opening this page up is that it is currently an admin panel, and through it admins can add websites to a search engine, however I want anyone to be able to add their own site. So I built an HTML form that goes through the action of posting the info to this page, this results in a 403 no access, and prevents it from working. I plan on having this old admin panel just a relatively blank page where the action of posting information can go through without the 403 error...


Please don't open duplicate topics for the same issue, I responded to this also in this thread (which I've locked, to keep the discussion in one place): http://w3schools.invisionzone.com/index.php?showtopic=53228

Instead of messing around with the admin code, what you should do is get the code necessary to process that form and create a new file with that code in it, and submit the form to that file. That sounds like a much better solution than removing password protection.


No... this has nothing to do with that other topic, and I have tried to make it do that but I couldn't get it to work which is why I am trying to open up this page by removing the password set on it...

 

(The other topic you mentioned was about censoring words in HTML forms, I have already solved that, now I am working on this...)


The other topic you mentioned was about censoring words in HTML forms

No it's not, this is what you were asking:

Hello, I have recently been working on an HTML form to submit new results into a search engine. However I have run into a problem that I can't seem to get past. I have one page where the info from the form can be properly submitted, however it requires a password to get into... how can I use JavaScript to possibly bypass needing the password?

As far as I can tell, that's the same issue, just trying to use JavaScript for some reason instead of PHP.

I have tried to make it do that but I couldn't get it to work which is why I am trying to open up this page by removing the password set on it...

So instead of trying to get it to work the way it should, you want to just remove the password protection? Go up to that code and search for "insert", you'll find the query to add the record from that form. There is some other code around it that you'll need as well.

The if statement that that code is inside is checking to see if that form was submitted, and adding the record to the database. Although there's no validation there, it's not validating that the form was actually filled out or that there was a captcha. You'll need to add validation if you want it to not insert blank or invalid records into the database. A bigger issue is that all of the code is outdated with how it uses the database, it is open to SQL injection attacks and most of those SQL queries will break if the input contains certain characters. The correct way to fix that would be to use prepared statements, which would require all of the database code to be changed to use either mysqli or PDO instead of the old mysql extension.

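The approach recommended in the replies above (a separate file that handles only the "add site" insert, with validation and a prepared statement), as an added example that is not code from the thread. The `web` table columns and the `addtitle`/`addurl`/`adddesc` field names come from the posted code; the function name `addSite`, the length limits and the in-memory SQLite demo connection are assumptions.

```php
<?php
// Added example, not the forum code: public handler for the "add site" form.
// From the posted code: table web(url, title, description, date) and the
// form fields addtitle, addurl, adddesc.
// Assumed: addSite(), the length limits, the SQLite demo connection.
function addSite(PDO $db, array $post): array
{
    $title = trim((string)($post['addtitle'] ?? ''));
    $desc  = trim((string)($post['adddesc'] ?? ''));
    $url   = parse_url(trim((string)($post['addurl'] ?? '')));
    $errors = [];
    if ($title === '' || strlen($title) > 100) {
        $errors[] = 'title';
    }
    if ($desc === '' || strlen($desc) > 500) {
        $errors[] = 'description';
    }
    // Accept only absolute http(s) URLs with a syntactically valid host name.
    $scheme = is_array($url) ? strtolower($url['scheme'] ?? '') : '';
    $host   = is_array($url) ? strtolower($url['host'] ?? '') : '';
    if (!in_array($scheme, ['http', 'https'], true) || $host === ''
        || filter_var($host, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) {
        $errors[] = 'url';
    }
    if ($errors) {
        return $errors;   // nothing is written when validation fails
    }
    // Placeholders keep the submitted values out of the SQL text, so a title
    // containing a quote is stored as data instead of breaking the query.
    $stmt = $db->prepare(
        'INSERT INTO web (url, title, description, date) VALUES (?, ?, ?, ?)'
    );
    $stmt->execute(["$scheme://$host", $title, $desc, date('d M Y')]);
    return [];
}

// Demo on a constructed in-memory SQLite table so the file runs from the CLI;
// the site itself would pass its PDO MySQL connection and $_POST instead.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE web (id INTEGER PRIMARY KEY, url TEXT, title TEXT, description TEXT, date TEXT)');

// Constructed sample submissions: one valid (title contains a quote), one invalid.
var_dump(addSite($db, ['addtitle' => "Dragon's links", 'addurl' => 'https://example.com/a', 'adddesc' => 'Constructed sample']));
var_dump(addSite($db, ['addtitle' => '', 'addurl' => 'not a url', 'adddesc' => '']));
var_dump($db->query('SELECT COUNT(*) FROM web')->fetchColumn());
```

Because this file contains only the insert, the admin panel keeps its login and none of its update or delete queries become reachable from the public form.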
