<?php
// Resume (or create) the visitor's session; this has to happen before any output is sent.
session_start();
// Database bootstrap. The code below uses $link without defining it, so this include
// presumably provides the mysqli connection -- confirm against ../db/saucerer.php.
include_once '../db/saucerer.php';
// Form field values start out empty...
$id = "";
$name = "";
$token = "";
$access = "";
// ...and so do their validation messages.
$id_err = "";
$name_err = "";
$token_err = "";
$access_err = "";

// Build the value placed in the form's hidden "token" field:
// "<product of two digits 1-9>-<HHMMSS-DDMMYYYY>" in Kampala local time.
// NOTE(review): the value is made of two single-digit rand() draws plus the current
// time, so it is predictable, and nothing in this file compares the submitted token
// with a server-side copy. It is only recorded with the attempt; do not rely on it as
// CSRF protection. A verified token would need random_bytes() and a session-side copy.
date_default_timezone_set('Africa/Kampala');
$today = date("His-dmY");
$code1 = rand(1, 9);
$code2 = rand(1, 9);
$code3 = $code1 * $code2;
$tokens = $code3 . "-" . $today;
// Carry over the "previous attempt failed" marker from the session. This is not a login
// check: $failed only decides whether the form below re-fills the name field.
if (isset($_SESSION["failed"]) && $_SESSION["failed"] == true) {
    $failed = $_SESSION['failed'];
} else {
    $failed = "";
}
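// Handle a submitted access-code form: look the code up in `access`, record the attempt
// in `secure`, and mark the session as logged in only when the lookup positively matched.
//
// Changes from the earlier version of this block:
//  * Fail closed. Previously a failed prepare/execute of the lookup left $access_err
//    empty, so the "success" branch ran and set $_SESSION["loggedin"] without any code
//    having been verified (on setups where mysqli returns false instead of throwing).
//  * The lookup and audit statements use separate variables, so each one is closed
//    exactly once and mysqli_stmt_close() is never handed `false`.
//  * The session id is regenerated on login, and the script stops after the redirect.
//
// NOTE(review): not addressed here because they need schema or policy decisions:
//  * access codes are stored and compared in plaintext, and every submitted code
//    (including near-miss typos of a real one) is written to `secure`.access;
//  * there is no attempt limit or delay, so codes can be guessed at request speed;
//  * the posted token is recorded but never verified.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Missing or non-string fields (for example name[]=x) are treated as empty
    // instead of being passed to trim().
    $name = (isset($_POST["name"]) && is_string($_POST["name"])) ? trim($_POST["name"]) : "";
    $token = (isset($_POST["token"]) && is_string($_POST["token"])) ? trim($_POST["token"]) : "";
    $access = (isset($_POST["access"]) && is_string($_POST["access"])) ? trim($_POST["access"]) : "";

    $audit_sql = "INSERT INTO secure (name, token, access, attempt, action) VALUES (?, ?, ?, ?, ?)";
    $action = "Login";

    // Set to true only after the lookup ran successfully and returned a row.
    $verified = false;

    if (empty($access)) {
        $access_err = "Invalid access code!";
    } else {
        $lookup = mysqli_prepare($link, "SELECT id FROM access WHERE code = ?");
        if ($lookup) {
            mysqli_stmt_bind_param($lookup, "s", $access);
            if (mysqli_stmt_execute($lookup)) {
                mysqli_stmt_store_result($lookup);
                if (mysqli_stmt_num_rows($lookup) > 0) {
                    $verified = true;
                } else {
                    $access_err = "Invalid access code!";
                    // Record the failed attempt.
                    $attempt = "Failed";
                    $audit = mysqli_prepare($link, $audit_sql);
                    if ($audit) {
                        mysqli_stmt_bind_param($audit, "sssss", $name, $token, $access, $attempt, $action);
                        if (mysqli_stmt_execute($audit)) {
                            // Lets the form re-fill the name field on the next render.
                            $_SESSION["failed"] = true;
                            $_SESSION["name"] = $name;
                        }
                        mysqli_stmt_close($audit);
                    }
                }
            } else {
                $_SESSION['error'] = "Oops! Something went wrong. Please try again later.";
            }
            mysqli_stmt_close($lookup);
        } else {
            // The lookup could not even be prepared: report it and stay unauthenticated.
            $_SESSION['error'] = "Oops! Something went wrong. Please try again later.";
        }
    }

    if ($verified && empty($name_err) && empty($token_err) && empty($access_err)) {
        // Spelling kept as-is: this string is stored in `secure`.attempt and existing
        // rows or reports presumably match on it.
        $attempt = "Succesful";
        $logged = false;
        $audit = mysqli_prepare($link, $audit_sql);
        if ($audit) {
            mysqli_stmt_bind_param($audit, "sssss", $name, $token, $access, $attempt, $action);
            $logged = mysqli_stmt_execute($audit);
            mysqli_stmt_close($audit);
        }

        if ($logged) {
            // The session is already active (session_start() at the top of the file);
            // issue a fresh id so a session id known before login is not carried over.
            session_regenerate_id(true);
            $_SESSION["loggedin"] = true;
            // NOTE(review): $id is never filled from the lookup result, so this stores "".
            $_SESSION["id"] = $id;
            $_SESSION["name"] = $name;
            $_SESSION["token"] = $token;
            $_SESSION["access"] = $access;

            mysqli_close($link);
            // Redirect into the admin area and stop, so the login page is not rendered
            // behind the redirect.
            header("location: ../");
            exit;
        }

        $_SESSION['error'] = "Something went wrong. Please try again.";
    }

    // Close connection
    mysqli_close($link);
}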
?>
<!doctype html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>Admin | Tourism Fraternity Network ©</title>
<meta name="description" content="A premier online listing for businesses and travelers">
<link rel="shortcut icon" type="image/x-icon" href="../../assets/images/favicon.png" />
<!-- Social Share Data -->
<meta content="text/html; charset=utf-8" name="Content-Type">
<meta property="og:type" content="article">
<meta property="og:image" content="https://tourismfraternity.com/assets/images/card/1.png">
<!-- Less than 65 characters -->
<meta property="og:title" content="Admin | Tourism Fraternity Network ©">
<meta property="og:url" content="https://camonitor.online/Tourism/admin">
<!-- Less than 300 characters -->
<meta property="og:description" content="A premier online listing for businesses and travelers">
<meta property="og:site_name" content="Admin | Tourism Fraternity Network ©">
<!-- Twitter Cards -->
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:url" content="https://camonitor.online/Tourism/admin">
<meta name="twitter:title" content="Admin | Tourism Fraternity Network ©">
<meta name="twitter:description" content="A premier online listing for businesses and travelers">
<meta name="twitter:image" content="https://tourismfraternity.com/assets/images/card/1.png">
<meta name="twitter:site" content="@tourism_fraternity_network">
<meta name="twitter:creator" content="@iann_thecreator">
<!-- Bootstrap CSS -->
<link rel="stylesheet" href="../css/bootstrap.css">
<link rel="stylesheet" href="../vendors/linericon/style.css">
<link rel="stylesheet" href="../css/font-awesome.min.css">
<link rel="stylesheet" href="../vendors/owl-carousel/owl.carousel.min.css">
<link rel="stylesheet" href="../vendors/bootstrap-datepicker/bootstrap-datetimepicker.min.css">
<link rel="stylesheet" href="../vendors/nice-select/css/nice-select.css">
<link rel="stylesheet" href="../vendors/owl-carousel/owl.carousel.min.css">
<!-- main css -->
<link rel="stylesheet" href="../css/style.css">
<link rel="stylesheet" href="../css/responsive.css">
<!--Animations-->
<link rel="stylesheet" type="text/css" href="../css/animations/style.css">
<!--Fontawesome 6-->
<link href="../css/fontawesome/css/all.css" rel="stylesheet">
</head>
<body>
<!--================Header Area =================-->
<header class="header_area">
<div class="container">
<nav class="navbar navbar-expand-lg navbar-light">
<!-- Brand and toggle get grouped for better mobile display -->
<a class="navbar-brand logo_h" href="../../"><img src="../../assets/images/logo/2.png" alt="Tourism Fraternity Network Logo"></a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<!-- Collect the nav links, forms, and other content for toggling -->
<div class="collapse navbar-collapse offset" id="navbarSupportedContent">
<ul class="nav navbar-nav menu_nav ml-auto">
<li class="nav-item active"><a class="nav-link" href="../">Admin</a></li>
<li class="nav-item"><a class="nav-link" href="../listings" >Listings</a></li>
<li class="nav-item"><a class="nav-link" href="../blogs">Blogs</a></li>
<li class="nav-item"><a class="nav-link" href="../events">Events</a></li>
<li class="nav-item"><a class="nav-link" href="../inquiries">Inquiries</a></li>
</ul>
</div>
</nav>
</div>
</header>
<!--================Header Area =================-->
<!--================Breadcrumb Area =================-->
<section class="breadcrumb_area">
<div class="overlay bg-parallax" data-stellar-ratio="0.8" data-stellar-vertical-offset="0" data-background=""></div>
<div class="container">
<div class="page-cover text-center">
<h2 class="page-cover-tittle">Secure</h2>
<ol class="breadcrumb">
<li><a href="../">Home</a></li>
<li class="active">Secure</li>
</ol>
</div>
</div>
</section>
<!--================Breadcrumb Area =================-->
<!--================Contact Area =================-->
<section class="contact_area section_gap">
<!--================ Session Handler Start =================-->
<div class="session_handler">
<?php
// One-shot flash messages: print each pending message in its alert style, then clear it
// so it is shown only once.
// NOTE(review): the message text is written into the page unescaped. The values set in
// this file are fixed strings; any other page that sets these keys must not put
// user-supplied text in them without escaping it first.
$flash_styles = array('error' => 'alert-danger', 'success' => 'alert-success');
foreach ($flash_styles as $flash_key => $flash_class) {
    if (!isset($_SESSION[$flash_key])) {
        continue;
    }
    echo "<div class='alert " . $flash_class . " text-center'>
<button class='close'>×</button>
" . $_SESSION[$flash_key] . "
</div>";
    unset($_SESSION[$flash_key]);
}
?>
</div>
<!--================ Session Handler End =================-->
<div class="container">
<div class="section_title text-center">
<p class="text-uppercase" style="font-size: 18px;">Secure</p>
<h2 class="title_color">Validator</h2>
<hr>
</div>
<div class="row">
<div class="col-md-3 col-1">
</div>
<div class="col-md-6 col-10">
<form class="row contact_form" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="col-md-12">
<div class="form-group <?php echo (!empty($name_err)) ? 'has-error' : ''; ?>">
<?php
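// Render the name field. After a failed attempt the previously typed name is put back
// into the input. That value came straight from $_POST["name"], so it must be
// HTML-escaped before it is placed inside the value="..." attribute; otherwise a quote
// in the submitted name ends the attribute and the rest is parsed as markup.
if ($failed == true) {
    $previous_name = isset($_SESSION["name"]) ? (string) $_SESSION["name"] : "";
    echo '<input class="form-control" type="text" name="name" value="'
        . htmlspecialchars($previous_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '">';
} else {
    echo '<input class="form-control" type="text" name="name" placeholder="Full Names">';
}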
?>
<span class="help-block"><?php echo $name_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($access_err)) ? 'has-error' : ''; ?>">
<input class="form-control" type="text" name="access" placeholder="Access Code">
<span class="help-block"><?php echo $access_err; ?></span>
</div>
<input class="form-control" type="hidden" name="token" value="<?php echo $tokens; ?>">
</div>
<div class="col-md-12 text-center">
<button type="submit" name="submit" class="btn theme_btn button_hover">Access Panel</button>
</div>
</form>
</div>
</div>
</div>
</section>
<!--================Contact Area =================-->
<!--================ start footer Area =================-->
<footer class="footer-area section_gap">
<div class="container">
<div class="row footer-bottom d-flex justify-content-between align-items-center">
<div class="col-lg-3 col-sm-12 footer-social">
<a href="https://facebook.com/"><i class="fab fa-facebook"></i></a>
<a href="https://x.com/"><i class="fab fa-x-twitter"></i></a>
<a href="https://instagram.com/"><i class="fab fa-instagram"></i></a>
<a href="https://wa.me/256785196012"><i class="fab fa-whatsapp"></i></a>
</div>
<p class="col-lg-6 col-sm-12 footer-text m-0 text-center">
<a href="#">Tourism Fraternity Network</a> © <script>document.write(new Date().getFullYear());</script>, All Rights Reserved<span class="flash">.</span></p>
<p class="col-lg-3 col-sm-12 footer-text m-0 text-center" style="font-size: 12px;">Powered by <a href="https://camonitor.online" target="_blank" style="color: #82848f;">Custom Assist Inc<span class="flash">.</span></a></p>
</div>
</div>
</footer>
<!--================ End footer Area =================-->
<!-- Optional JavaScript -->
<!-- jQuery first, then Popper.js, then Bootstrap JS -->
<script src="../js/jquery-3.2.1.min.js"></script>
<script src="../js/popper.js"></script>
<script src="../js/bootstrap.min.js"></script>
<script src="../vendors/owl-carousel/owl.carousel.min.js"></script>
<script src="../js/jquery.ajaxchimp.min.js"></script>
<script src="../js/mail-script.js"></script>
<script src="../vendors/bootstrap-datepicker/bootstrap-datetimepicker.min.js"></script>
<script src="../vendors/nice-select/js/jquery.nice-select.js"></script>
<script src="../js/mail-script.js"></script>
<script src="../js/stellar.js"></script>
<script src="../vendors/lightbox/simpleLightbox.min.js"></script>
<script src="../js/custom.js"></script>
<script src="../js/video-on-scroll.js"></script>
</body>
</html>