Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    mjs
    mjs is offline
    New Coder
    Join Date
    Jan 2010
    Posts
    97
    Thanks
    17
    Thanked 0 Times in 0 Posts

    how to remove login script, need help please

    Hi,

    i wondering if someone can help me to remove login script:

    the script look like:

    PHP Code:
    if(@$_COOKIE['admincp'] == md5($admin_username.$admin_password)){
        if(@
    $_GET['p'] == 'logout'){
            
    logout();
        }else{
            
    html_interface();
        }
    }else{
        if(@
    $_POST['login'] == $admin_username && @$_POST['password'] == $admin_password){

            
    setcookie('admincp'md5($admin_username.$admin_password), time()+3600'/'false);

            
    //reload
            
    echo '<meta http-equiv=refresh content=0;URL=?>';
        }else{
            
    html_login();
        }
    }

    function 
    contents(){

        
    $page_request = @$_GET['p'];

        switch(
    $page_request){
            case 
    'pages' pages(); break;
            case 
    'comments' comments(); break;
            case 
    'thumbnails' thumbnails(); break;
            default : 
    homepage(); break;
        }


    any help would be welcome and many thanks

  • #2
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    what is it your trying to do as if you want to remove the login script why cant you just take it out the code??
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #3
    Regular Coder jfreak53's Avatar
    Join Date
    May 2004
    Location
    Guatemala
    Posts
    477
    Thanks
    19
    Thanked 10 Times in 10 Posts
    This is the code that checks login:

    PHP Code:
    if(@$_COOKIE['admincp'] == md5($admin_username.$admin_password)){ 
        if(@
    $_GET['p'] == 'logout'){ 
            
    logout(); 
        }else{ 
            
    html_interface(); 
        } 
    }else{ 
        if(@
    $_POST['login'] == $admin_username && @$_POST['password'] == $admin_password){ 

            
    setcookie('admincp'md5($admin_username.$admin_password), time()+3600'/'false); 

            
    //reload 
            
    echo '<meta http-equiv=refresh content=0;URL=?>'
        }else{ 
            
    html_login(); 
        } 

    And you just get rid of it and replace with the html_printout function which is:

    PHP Code:
    html_interface(); 
    Now the only problem is this is just the login script. So you still have to find out where the auth file is, because in that code it sets your sessions variables. So somewhere else it checks session variables and compares. So still have to find your auth file.
    "FORTRAN is not a language. It's a way of turning a multi-million dollar mainframe, into a $50 programmable scientific calculator."
    http://www.microfastcat.com -- FastCat Software, the fastest software on the NET!
    http://www.microthosting.com -- Free reseller web hosting, Hosting, VPS, FREE SMALL HOSTING!!!
    http://www.microtronix-tech.com -- Web design and programming


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •