MAINHACK

Viewing / Editing File: index.php

<?php 
// ini_set('display_errors', 1);
// ini_set('display_startup_errors', 1);
// error_reporting(E_ALL);

include("../admin/db/db.php");?>
<?php include("../admin/includes/functions/functions.php");?>
<?php

if($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submit'])){
if(!csrf_token_is_valid() || !csrf_token_is_recent()) {
$login_message = "<p class='alert alert-danger text-center ' 
role='alert'>Token Authentication Failed</p>";
}

$login_message = '';

$recaptchaResponse = $_POST['g-recaptcha-response'];

$recaptchaUrl = 'https://www.google.com/recaptcha/api/siteverify';
$recaptchaData = [
    'secret' => '6LfFbnQmAAAAADMyU244ZrePAQS1L4QBUNXVCe7E',
    'response' => $recaptchaResponse,
    'remoteip' => $_SERVER['REMOTE_ADDR']
];

$recaptchaOptions = [
    'http' => [
        'header' => "Content-type: application/x-www-form-urlencoded\r\n",
        'method' => 'POST',
        'content' => http_build_query($recaptchaData)
    ]
];

$recaptchaContext = stream_context_create($recaptchaOptions);
$recaptchaResult = file_get_contents($recaptchaUrl, false, $recaptchaContext);
$recaptchaResult = json_decode($recaptchaResult);

$email = test_input($_POST['email']);
$password = test_input($_POST['password']);

$remember = isset($_POST['remember']);

$select = mysqli_query($new,"SELECT * FROM barber_admin WHERE email = '$email'");
 $dbmail = mysqli_fetch_array($select);

$mail = $dbmail['email'];
 $user = $dbmail['username'];

//$totalresult = $result1+$result2;

if($email == ""){
$login_message = '<p style="color:red"> Email is required</p>';
}

if($password == ""){

$login_message = '<p style="color:red"> Password is required</p>';
}

else {

if(!$login_message){

$stmt = $con->prepare("Select admin_id,username,password,active,business_name,email,account_type,expired from barber_admin where email = ?");
        $stmt->execute(array($email));
        $row = $stmt->fetch();

$username = $row['username'];
        $business_name = $row['business_name'];
         $active = $row['active'];
        $account_type = $row['account_type'];
        $admin_id = $row['admin_id'];
         $expired = $row['expired'];

$hashed_password = $row['password'];

if(password_verify($password,$hashed_password)) {

if($remember == "on"){        
     setcookie('email', $email , time()+31556926, '/',null,null,true);
     }

if($recaptchaResult->success) {

if($active == '1' and $expired == 'yes'){

header('Location: ../expired');
            die();

} elseif ($active == '1' and $expired == 'no') {

$_SESSION['username_Xw211qAAsq4'] = $username;
$_SESSION['business_name_Xw211qAAsq4'] = $business_name;
$_SESSION['admin_id_Xw211qAAsq4'] = $row['admin_id'];

$currentTime = date('Y-m-d H:i:s');
$stmt = mysqli_query($new,"INSERT INTO login_tracking (username,business_name,login_time,logout_time) VALUES 
('$username','$business_name','$currentTime','$currentTime')");

header('Location: ../mydashboard/');
            die();

}
         } else {

$login_message = '<p style="color:red">reCAPTCHA verification failed. Please try again
</p>';

}
} 
else
        {

$login_message = '<p style="color:red"> Wrong Email/password or your account is not activated</p>';
          
        }

}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
  
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

<title>Log In | The Salon Friend</title>
  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap" rel="stylesheet">
  
  <link rel="stylesheet" href="assets/vendor/bootstrap-icons/font/bootstrap-icons.css">
 
<script src="https://code.jquery.com/jquery-3.6.4.min.js" integrity="sha256-oP6HI9z1XaZNBrJURtCoUT5SUnxFr8s3BzRl+cbzUq8=" crossorigin="anonymous"></script>

<link rel="stylesheet" href="assets/css/theme.min.css">
</head>

<div class="position-relative">
            
            <div class="card card-shadow card-login">
              <div class="row">
                <div class="col-md-7">
                  <div class="card-body">
                    
<form  method="POST" action="<?php echo test_input($_SERVER['PHP_SELF']) ?>">
<?php echo csrf_token_tag(); ?>
<div class="text-center">
<div class="mb-5">
<h3 class="card-title">Login to your account</h3>
</div>
<span class="d-flex justify-content-center align-items-center">
<?php echo $login_message;?>

<?php echo $_SESSION['register_success']; 
          echo $_SESSION['response'];
        unset($_SESSION['register_success']);
        unset($_SESSION['response']);
     ?>
</span>
</div>

<div class="mb-4">
<label class="form-label" for="signinSrEmail">Your email</label>
<input type="email" class="form-control form-control-lg" name="email" id="signinSrEmail" tabindex="1" value="<?php if (isset($_POST['email'])) { echo $_POST['email']; } ?>" autocomplete="off">
<span class="invalid-feedback">Please enter a valid email address.</span>
</div>

<div class="mb-4">
<label class="form-label" for="signupSrPassword" tabindex="0">Password</label>

<div class="input-group-merge">
<input type="password" class="js-toggle-password form-control form-control-lg" name="password" value="<?php if (isset($_POST['password'])) { echo $_POST['password']; } ?>" id="signupSrPassword" aria-label="Password required" required  data-hs-toggle-password-options='{
"target": "#changePassTarget",
"defaultClass": "bi-eye-slash",
"showClass": "bi-eye",
"classChangeTarget": "#changePassIcon"
}'>
<a id="changePassTarget" class="input-group-append input-group-text" href="javascript:;">
<i id="changePassIcon" class="bi-eye"></i>
</a>

<span class="invalid-feedback">Please enter a valid password.</span>
</div>
</div>

<div class="col-6">
<br /><br />
<div class="form-check form-switch">
<input class="form-check-input" type="checkbox" id="flexSwitchCheckChecked" name="remember">
<label class="form-check-label" for="flexSwitchCheckChecked">Remember Me</label>
</div>
</div>
</div>

<div class="d-flex justify-content-end mb-4">
<a class="form-label-link" href="reset-password">Forgot Password?</a>
</div>

<div class="d-grid gap-4">
<button type="submit" name="submit" class="btn btn-primary btn-lg">Sign in</button>

</div>
</form>
                    
                  </div>
                </div>
                
                  
                <div class="col-md-5 d-md-flex justify-content-center flex-column bg-soft-primary p-8 p-md-5" style="background-image: url(assets/svg/components/wave-pattern.svg);">
                  <h5 class="mb-4">The easiest way to manage your Salon and Spa:</h5>

<ul class="list-checked list-checked-primary list-py-2">
                    <li class="list-checked-item">Maintain Customer/Staff records</li>
                    <li class="list-checked-item">Generate customized reports</li>
                    <li class="list-checked-item">Calculate staff  commissions and many more advanced features</li>

<li class="list-checked-item">Run staff payroll with ease</li>

</ul>
                </div>
                
              </div>
              
            </div>

<figure class="position-absolute top-0 end-0 zi-n1 d-none d-sm-block mt-n7 me-n10" style="width: 4rem;">
              <img class="img-fluid" src="assets/svg/components/pointer-up.svg" alt="Image Description">
            </figure>

<figure class="position-absolute bottom-0 start-0 d-none d-sm-block ms-n10 mb-n10" style="width: 15rem;">
              <img class="img-fluid" src="assets/svg/components/curved-shape.svg" alt="Image Description">
            </figure>
            
          </div>
        </div>
      </div>
    </div>
    
  </main>

<script src="assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js"></script>

<script src="assets/vendor/hs-toggle-password/dist/js/hs-toggle-password.js"></script>

<script src="assets/js/theme.min.js"></script>

<script>
    (function() {
      HSBsValidation.init('.js-validate', {
      })
      new HSTogglePassword('.js-toggle-password')
    })()
  </script>
</body>
</html>

Cancel / Back

[ MAINHACK ]

Viewing / Editing File: index.php

Server Info

System Features

User Info