Help!!!!!

George_4net

Hello guys!

Yesterday I was got crazy! I have a serious problem with PHP Authentication. I did not touch ANYTHING in my script and I was able to login on my Admin Panel. But when I tried to login on my Admin Area I wasn’t able! OH NO! I am desperate! I don’t know what I must do! In a few days I must upload my Portal on the web but I can’t without being able to login on the Admin Panel!

It’s not funny! It’s really serious! Here is the code of my authentication script:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-7">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta name="robots" content="index,nofollow" />
<title>Portal Administration Area</title>
<link rel="stylesheet" href="../Forum/templates/subBlack/subBlack.css" type="text/css">
</head>
<body>
<?php 
require('sec/urity/files/congif.php');
require('sec/urity/files/select_bd.php');

$auth = false;

if (isset( $PHP_AUTH_USER ) && isset($PHP_AUTH_PW)) { 

$sql = "SELECT * FROM admin WHERE 
        username = '$PHP_AUTH_USER' AND 
        password = '$PHP_AUTH_PW'"; 

   $result = mysql_query( $sql ) 
       or die ( 'Unable to execute query.' ); 

$num = mysql_numrows( $result ); 

if ( $num != 0 ) { 
    $auth = true; 

} 

} 

if ( ! $auth ) { 
    header( 'WWW-Authenticate: Basic realm="Private"' ); 
    header( 'HTTP/1.0 401 Unauthorized' ); 
    include('denied.php');
    exit; 

} else { 

   define("ACCESS", TRUE);
   require('index1.php');
} 

?>

<?php

$act = $_GET['act'];

if ($act == admin_blog) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/blog_title.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'templ/start_main_body.tpl');
include($george_root_path . 'admin_includes/_blog_.' .$phpEx);
include($george_root_path . 'templ/close_desc.tpl');
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_viewblog) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_viewblog_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_new_weblog_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_new_blog_entry.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == public_admin_blog_data) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_check_new_bblog_entry.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_edit_weblog_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_editblog_entry!_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_delete_weblog_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_delete_entry_blog_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_jokes) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/joke_title.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_part . 'templ/start_main_body.tpl');
include($george_root_path . 'templ/start_joke_body.tpl');
include($george_root_path . 'templ/close_desc.tpl');
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_viewjokes) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_view_jokes_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_new_joke_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_new_joke_entry.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == public_admin_joke_data) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/check_jjoke_entry.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_edit_joke_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_editjoke_entry!_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
elseif ($act == admin_delete_joke_entry) {
print "";
include($george_root_path . 'templ/header.tpl');
include($george_root_path . 'templ/end_header.tpl');
include($george_root_path . 'admin_includes/_delete_entry_joke_.'.$phpEx);
include($george_root_path . 'templ/copyright.tpl');
exit;
}
if (!$_GET && !$_POST) {
print "";
include('templ/index_body.tpl');

} else {
print "";

?>
<?php 

} 

?>

the included files:

// congif.php
<?php
    mysql_connect( 'localhost', 'root', '****' ) 
        or die ( 'Unable to connect to server.' ); 

?>
// select_bd.php
<?php
    mysql_select_db( 'Forum' ) 
        or die ( 'Unable to select database.' ); 
?>
--

and in the phpmyadmin I have a table named: admin_login.
Here is the data:

CREATE TABLE `admin_login` (
  `id` int(10) NOT NULL auto_increment,
  `username` varchar(40) NOT NULL default '',
  `password` varchar(40) NOT NULL default '',
  PRIMARY KEY  (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
INSERT INTO `admin_login` VALUES (1, 'George', '****');

--
I type for Username: George and password: ****
But it’s not working…
Guys if you find anything wrong please tell me! I don’t know what I must do!
I’ll be waiting anxiously for your help! I am sure that I type my login information okay but I can’t login!!!!!!

And I’m sure the connection in the database is okay. But still can’t find the wrong!
If you don’t know how to fix it or you can’t find the wrong please suggest me a STRONG login script to my Admin Panel. In my opinion the best I can do is user authentication script rather than creating login files!

Please reply,
Benji.

[excuse my poor English]

Houdini

A couple of points to help you solve your problem George_4net place your code with PHP or HTML BB Code tags (see the link in my signature on how to do so). Seperate your code into sections (different scripts) What portal system are you using, although this is not a Portal specific site or forums there are those that might just have the Portal you are using so state what Portal software you are using.

If you would edit your code after seing what is illustrated in my signature then we might see some obvious errors in the code that you posted. I am sure you would get a better response when doing so, cause long lines of unformatted and unhighlighted code are hard to read and boring.