I have this php script ( phpfanlist ) with an admin section that refused to work one day. I guess it came with a php update or something. I didn't mind at the time but now it's bugging me big time.
I made research, I checked the log and all ( there was a depreciate =& new in front.inc.php but I corrected it, so that's fine ) but the login page still redirect to a blank page after successful login. If the login is not successful, it throws back an error message. If I manually try to enter the admin section ( admin.php ) after successfully login-in, I get into the admin without problem.
I checked the log and I don't get any message, at all. How can I make that login page work ? I just want to enter the admin without typing it manually ... Is the code too old ?
So, login.php
gives a form to enter login/pass
- Successful login : reload
login.php
to blank page oflogin.php
- Unsuccessful login : reload
login.php
with unsuccessful message - What it's suppose to do on successful login : open
admin.php
This is login.php :
require_once('includes/front.inc.php');
$passok = true;
if (isset($_POST['user']) && isset($_POST['pass']) && (strcasecmp($_POST['user'], $fanlisting->settings['admin_name']) == 0) && (strcmp($_POST['pass'], $fanlisting->settings['admin_pass']) == 0)) {
session_start();
header("Cache-control: private"); // IE fix!!!
$_SESSION['loggedin'] = 1;
if (!isset($fanlisting->settings['cookie_lifetime'])) {
$fanlisting->settings['cookie_lifetime'] = 60;
}
if (isset($_POST['rememberme']) && ($_POST['rememberme'] == 'yes')) {
setcookie('phpfanlist_rememberme', 'yesplease', time()+60*60*24*$fanlisting->settings['cookie_lifetime'], '/');
setcookie('phpfanlist_username', $_POST['user'], time()+60*60*24*$fanlisting->settings['cookie_lifetime'], '/');
} else {
setcookie('phpfanlist_rememberme', FALSE, time()+60*60*24*$fanlisting->settings['cookie_lifetime'], '/');
setcookie('phpfanlist_username', FALSE, time()+60*60*24*$fanlisting->settings['cookie_lifetime'], '/');
}
if (isset($_SESSION['previous_url'])) {
$url = $_SESSION['previous_url'];
unset($_SESSION['previous_url']);
} else {
$url = 'admin.php';
}
header('Location: ' . $url);
exit;
} else { (isset($_POST['pass'])) ? $passok = false : $passok = true; }
EDIT : so, it looks like there's too many redirect from admin.php Looking at admin.php doesn't seem to give much info
// Password protect it \\
session_start();
header("Cache-control: private"); // IE fix!!!
if (isset($_GET['action']) && ($_GET['action'] == 'logout')) {
$_SESSION = array();
}
if ((!isset($_SESSION['loggedin'])) || ($_SESSION['loggedin'] != 1)) {
header('Location:admin.php');
exit;
}
/***********************/
require_once('includes/inc.php');
require_once(realpath(PHPFANLIST_INCLUDES . 'admin.inc.php'));
Header of admin.inc.php is just asking for
require_once('./includes/inc.php');
// Get the actions
require_once('admin.scripts.inc.php');
$fanlisting->LastChecked();