[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
Zen Cart 源代码 login.php

Zen Cart 源代码 login.php




下载文件

文件名: login.php
文件类型: PHP文件
文件大小: 3.65 KiB
MD5: 10cf80337050c4844c1fa2d118b6de53

login.php - 关闭高亮
  1. <?php
  2. /**
  3.  * @package admin
  4.  * @copyright Copyright 2003-2010 Zen Cart Development Team
  5.  * @copyright Portions Copyright 2003 osCommerce
  6.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7.  * @version $Id: login.php 15928 2010-04-13 03:21:56Z drbyte $
  8.  */
  9.  
  10.   require('includes/application_top.php');
  11.  
  12.   $admin_name = "";
  13.   $admin_pass = "";
  14.   $pass_message = "";
  15.   $message = false;
  16.   if (isset($_POST['submit'])) {
  17.     $admin_name = zen_db_prepare_input($_POST['admin_name']);
  18.     $admin_pass = zen_db_prepare_input($_POST['admin_pass']);
  19.     if ($admin_name == '' && $admin_pass == '') sleep(4);
  20.     $sql = "select admin_id, admin_name, admin_pass from " . TABLE_ADMIN . " where admin_name = '" . zen_db_input($admin_name) . "'";
  21.     $result = $db->Execute($sql);
  22.     if ((!isset($_SESSION['securityToken']) || !isset($_POST['securityToken'])) || ($_SESSION['securityToken'] !== $_POST['securityToken'])) {
  23.       $message = true;
  24.       $pass_message = ERROR_SECURITY_ERROR;
  25.     }
  26.     if (!isset($result->fields) || !($admin_name == $result->fields['admin_name'])) {
  27.       $message = true;
  28.       $pass_message = ERROR_WRONG_LOGIN;
  29.     }
  30.     if (!isset($result->fields) || !zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
  31.       $message = true;
  32.       $pass_message = ERROR_WRONG_LOGIN;
  33.     }
  34.     // BEGIN LOGIN SLAM PREVENTION
  35.     if ($message == TRUE) {
  36.       if (!isset($_SESSION['login_attempt'])) $_SESSION['login_attempt'] = 0;
  37.       $_SESSION['login_attempt']++;
  38.       if ($_SESSION['login_attempt'] > 6) {
  39.         zen_session_destroy();
  40.         sleep(15);
  41.         zen_redirect(zen_href_link(FILENAME_DEFAULT, '', 'SSL'));
  42.       } else {
  43.         sleep(4);
  44.       }
  45.     }   // END LOGIN SLAM PREVENTION
  46.     if ($message == false) {
  47.       unset($_SESSION['login_attempt']);
  48.       $_SESSION['admin_id'] = $result->fields['admin_id'];
  49.       if (SESSION_RECREATE == 'True') {
  50.         zen_session_recreate();
  51.       }
  52.       zen_redirect(zen_href_link(FILENAME_DEFAULT, '', 'SSL'));
  53.     }
  54.   }
  55. ?>
  56. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  57. <html xmlns="http://www.w3.org/1999/xhtml" <?php echo HTML_PARAMS; ?>>
  58. <head>
  59. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  60. <title><?php echo TITLE; ?></title>
  61. <link href="includes/stylesheet.css" rel="stylesheet" type="text/css" />
  62. <meta name="robot" content="noindex, nofollow" />
  63. </head>
  64. <body id="login" onload="document.getElementById('admin_name').focus()">
  65. <form name="login" action="<?php echo zen_href_link(FILENAME_LOGIN, '', 'SSL'); ?>" method="post">
  66.   <fieldset>
  67.     <legend><?php echo HEADING_TITLE; ?></legend>
  68.     <label class="loginLabel" for="admin_name"><?php echo TEXT_ADMIN_NAME; ?></label>
  69. <input style="float: left" type="text" id="admin_name" name="admin_name" value="<?php echo zen_output_string($admin_name); ?>" />
  70. <br class="clearBoth" />
  71.     <label  class="loginLabel" for="admin_pass"><?php echo TEXT_ADMIN_PASS; ?></label>
  72. <input style="float: left" type="password" id="admin_pass" name="admin_pass" value="<?php echo zen_output_string($admin_pass); ?>" />
  73. <br class="clearBoth" />
  74.     <?php echo $pass_message; ?>
  75.     <input type="hidden" name="securityToken" value="<?php echo $_SESSION['securityToken']; ?>">
  76.     <input type="submit" name="submit" class="button" value="登录" />
  77.     <?php echo '<a style="float: right;" href="' . zen_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?>
  78.   </fieldset>
  79. </form>
  80. </body>
  81. </html>
  82. <?php require('includes/application_bottom.php'); ?>
  83.  


cron