Shell File Manager
<?php
session_start();
function generateRandomString($length = 20)
{
return substr(str_shuffle(str_repeat($x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length / strlen($x)))), 1, $length);
}
include '../../include/config.php';
error_reporting(0);
if (isset($_POST['submit'])) {
$email = $_POST['email'];
$password_pure = $_POST['password'];
// print_r($password_pure);
$password = md5($_POST['password']);
$email = $connection->real_escape_string($_POST['email']);
$email = ($email);
$gen_session = generateRandomString(26);
$successValue = 1;
$query = "SELECT * FROM admins WHERE email='$email' AND password='$password'";
$query_run = mysqli_query($connection, $query);
if ($query_run->num_rows > 0) {
$row = mysqli_fetch_assoc($query_run);
$_SESSION['username'] = $row['username'];
$_SESSION['admin_id'] = $row['admin_id'];
$_SESSION['role'] = $row['role'];
$_SESSION['session'] = $gen_session;
header("Location:home.php?admin_id=$row[admin_id]&role=$row[role]&session=$gen_session");
echo "<script> location.href='home.php?admin_id=$row[admin_id]&role=$row[role]&session=$gen_session'; </script>";
} else {
echo "<script>alert('Woops! Email or Password is Wrong.')</script>";
}
}
$sql = "UPDATE admins SET session_key='$password' WHERE email='$email' AND password='$password' ";
$result = $connection->query($sql);
if ($result === false) {
die("ERROR: Could not connect. " . mysqli_connect_error());
$successValue = 0;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../assets/css/log.css">
<title> CamScan FZCO Admin</title>
<link rel="shortcut icon" type="image/x-icon" href="../../assets/img/products/cs.png">
</head>
<body>
<div class="container">
<form action="" method="POST" class="login-email">
<p class="login-text" style="font-size: 2rem; font-weight: 800;"><img src="../../assets/img/website/camscan.png" height=50px ; width=200px></p>
<div class="input-group">
<input type="email" placeholder="Email" name="email" value="<?php echo $email; ?>" required>
</div>
<div class="input-group">
<input type="password" placeholder="Password" name="password" value="<?php echo $_POST['password']; ?>" required>
</div>
<div class="input-group">
<button name="submit" class="btn">Login</button>
</div>
</form>
</div>
</body>
</html>
<?php
// $query = "SELECT * FROM pre_registration INNER JOIN orders ON pre_registration.user_id = orders.user_id WHERE order_id='$order_id' And id_card='$id_card'";
// // print_r($query);
// $result = $connection->query($query);
// if ( !empty($result->num_rows) && $result->num_rows > 0) {
// $row = $result->fetch_assoc();
// $_SESSION['ID'] = $row['user_id'];
// $_SESSION['order_id'] = $row['order_id'];
// $_SESSION['id_card'] = $row['id_card'];
// $_SESSION['user_id'] = $row['user_id'];
// $_SESSION['session'] = $gen_session;
// header("Location:user.php?user_id=$row[user_id]&session=$gen_session&dbs=$successValue");
// die();
// }
// else {
// $errorMsg = "يرجى التحقق من رمز الدخول ";
// }
// }
//
?>
Shell File Manager Version 1.1, Coded By Shell
Email: [email protected]