ziedinjsh Posted November 12, 2010 Report Share Posted November 12, 2010 (edited) Notice: Undefined index: admin_pass in D:\WEB\xampp\htdocs\sell\admin\index.php on line 30 if(isset($_POST['login'])){ $admin_name = $_POST['admin_name']; $admin_pass = $_POST['admin_pass']; $result = mysql_query("SELECT * FROM admin WHERE admin_name='$admin_name' AND admin_pass=md5('$admin_pass')"); if(mysql_num_rows($result) > 0) { $_SESSION['is_logged_in'] = 1; } } if(!isset($_SESSION['is_logged_in'])) { echo "<form method='post' action='".$_SERVER['PHP_SELF']."'>"; echo "Admin:<input type='text' name='admin_name' class='input'>"; echo "Password:<input type='password' name='admin-pass' class='input'>"; echo "<input type='submit' name='login' value='Eneter' class='button'>"; echo "</form>"; } else { echo "Lapa"; } Kapēc tā? :? Edited November 12, 2010 by ziedinjsh Quote Link to comment Share on other sites More sharing options...
indoom Posted November 12, 2010 Report Share Posted November 12, 2010 Ir atšķirība starp _ un - Un neaizmirsti par mysql_real_escape_string() Quote Link to comment Share on other sites More sharing options...
ziedinjsh Posted November 12, 2010 Author Report Share Posted November 12, 2010 tagad ir sekojoša problēma.. ielogojoties man atver to ko vajadzētu atvērt, bet kad uzspiež uz kāda linka man atkal aizmet pie logina <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="" class=""> <head> <title>projekts</title> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-language" content="en" /> <meta name="description" content="" /> <link rel="alternate" media="handheld" href="" /> <link rel="shortcut icon" href="" /> <link type="text/css" rel="stylesheet" href="../misc/style.css" /> <link type="text/css" rel="stylesheet" href="../misc/add-style.css" /> </head> <body> <?php error_reporting(E_ALL); include "../misc/connect.php"; include "../misc/paypal.php"; include "../misc/player.php"; if(isset($_POST['login'])){ $admin_name = $_POST['admin_name']; $admin_pass = $_POST['admin_pass']; $result = mysql_query("SELECT * FROM admin WHERE admin_name='$admin_name' AND admin_pass=md5('$admin_pass')"); $query = sprintf("SELECT * FROM users WHERE admin_name='$admin_name' AND admin_pass='$admin_pass'", mysql_real_escape_string($admin_name), mysql_real_escape_string($admin_pass)); if(mysql_num_rows($result) > 0) { $_SESSION['is_logged_in'] = 1; } } if(!isset($_SESSION['is_logged_in'])) { echo "<form method='post' action='".$_SERVER['PHP_SELF']."'>"; echo "Admin:<input type='text' name='admin_name' class='input'>"; echo "Password:<input type='password' name='admin_pass' class='input'>"; echo "<input type='submit' name='login' value='Eneter' class='button'>"; echo "</form>"; } else { //////////////////Page $id = (isset($_GET['id'])) ? $_GET['id'] : ''; echo "<div id='top'>"; echo "</div>"; echo "<div class='warp'>"; echo "<div id='admin-menu'>"; echo "<a href='../index.php'>Page | </a>"; echo "<a href='index.php'>Admin stage</a> | "; echo "<a href='index.php?id=add_d7&d7=list'>D7</a> |"; echo "</div>"; echo "<div class='page'>"; if($id==''){ echo "<center>Admin stage</center>"; } if ($id=='add_d7'){ include "d7.php"; } echo "</div>"; echo "</div>"; } ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
mefisto Posted November 12, 2010 Report Share Posted November 12, 2010 Tev trūksts session_start() Quote Link to comment Share on other sites More sharing options...
ziedinjsh Posted November 12, 2010 Author Report Share Posted November 12, 2010 nu jā, bet kurā vietā :? Quote Link to comment Share on other sites More sharing options...
rATRIJS Posted November 12, 2010 Report Share Posted November 12, 2010 $result = mysql_query("SELECT * FROM admin WHERE admin_name='$admin_name' AND admin_pass=md5('$admin_pass')"); $query = sprintf("SELECT * FROM users WHERE admin_name='$admin_name' AND admin_pass='$admin_pass'", mysql_real_escape_string($admin_name), mysql_real_escape_string($admin_pass)); o_O - paskaties tachu ko tu tur esi sarakstiijis... Quote Link to comment Share on other sites More sharing options...
ziedinjsh Posted November 12, 2010 Author Report Share Posted November 12, 2010 ā.. sapratu kur :) Quote Link to comment Share on other sites More sharing options...
ziedinjsh Posted November 12, 2010 Author Report Share Posted November 12, 2010 $result = mysql_query("SELECT * FROM admin WHERE admin_name='$admin_name' AND admin_pass=md5('$admin_pass')"); $query = sprintf("SELECT * FROM users WHERE admin_name='$admin_name' AND admin_pass='$admin_pass'", mysql_real_escape_string($admin_name), mysql_real_escape_string($admin_pass)); o_O - paskaties tachu ko tu tur esi sarakstiijis... un kas tad tur ir par daudz? Quote Link to comment Share on other sites More sharing options...
rATRIJS Posted November 12, 2010 Report Share Posted November 12, 2010 Pastaasti ko tavupraat tas kods dara. Seciigi peec kaartas. Quote Link to comment Share on other sites More sharing options...
daGrevis Posted November 12, 2010 Report Share Posted November 12, 2010 Domājam, tad darām, nevis otrādāk, ne? Injekciju novēršana pirms pieprasījuma, lūdzu. =) Quote Link to comment Share on other sites More sharing options...
mefisto Posted November 12, 2010 Report Share Posted November 12, 2010 ziedinjsh, stingri iesaku palasīt par PDO. Community viedoklis šobrīd ir tāds , ka jaunā kodā nevajadzētu vairs izmantot mysql_* funcijas. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.